The Johns Hopkins University and the University System of Georgia are among the higher education institutions swept up in the ongoing and global exploit of a popular file-transfer system.
Hackers from the CL0P ransomware group have been exploiting a vulnerability in the file-transfer software MOVEit, which the group has said it has used to breach “hundreds of companies” since May 31. Johns Hopkins issued an announcement this week notifying students, staff and faculty that the university and health system were among those affected by the attack.
“Johns Hopkins takes the privacy and security of our community members extremely seriously,” the notice read. “Our cybersecurity team is working closely with data security experts and law enforcement to determine what information was involved. This investigation is ongoing, but our initial evaluation shows the attack may have impacted the information of Johns Hopkins employees, students, and/or patients.”
The university urged its community members to monitor their credit reports and bank statements, watch for suspicious emails and sign up for credit monitoring services.
The University System of Georgia confirmed to Fox 5 Atlanta that it was also affected by the attack.