Penn data leaked after University refused to pay $1 million ransom

ShinyHunters infiltrated the University of Pennsylvania internal data system last October. The group demanded a $1 million ransom from the university to prevent the release of files on the dark web. The ransom went unpaid. The hackers later took credit for the attack online. The group released a cache of confidential university files on its website on Feb. 4. The files included dated records and donor contact information. The release came just two days after the university stated in a court filing that fewer than 10 individuals were impacted Mass spam emails were sent from multiple university-affiliated email addresses on Oct. 31. The messages criticized the university security measures and admissions practices. Over 3.5 giga The group stated they are primarily concerned with making money and not with politics. They described the emails as a misdirection for investigators and the university. The hackers said Penn cybersecurity was average compared to peer institutions. ShinyHunters said they asked for a reasonable $1 million settlement to prevent the release. The university did not reply despite multiple attempts to make contact through a general information technology email address. The hackers claimed the university showed negligence in its security measures and did not agree to a settlement.