7. Not all attacks are direct ones

Countless universities around the world were affected by a cyberattack against the digital service provider Blackbaud earlier this year. Attackers stole personal data from the company and weeks later it reported it had agreed to pay its attackers to delete the stolen files. Though the company could offer no proof that the files had truly been deleted, a statement released by the company said “we have no reason to believe that any data went beyond the cybercriminal.” Some of the U.S. universities affected include the entire California State University system; Lenoir-Rhyne University, a private school in Hickory, North Carolina; the University of Notre Dame; University of South Dakota; University of Central Arkansas; and Wake Tech Community College in Raleigh, North Carolina.