Three years after a serious hacker attack, Maastricht University is getting back considerably more money than it paid the criminals – around half a million instead of 200,000 euros. The reason for this, in addition to successful police investigations, is the rise in the price of bitcoins. The ransom was paid in cryptocurrency, as reported by the newspaper “de Volkskrant” on Saturday. The university confirmed the information at the request of the ANP news agency.
According to the information, the university was hit by a large-scale cyber attack in 2019. The criminals used so-called ransomware, a type of malware that blocks or restricts access to data until the victim pays a ransom.
The criminals encrypted hundreds of Windows servers and backup systems so that “25,000 students and employees could no longer access academic data, the library or the mail”. According to the report, the hackers demanded 200,000 euros in Bitcoin. After a week, the university decided to pay the money because “personal data was at risk of being lost and students were no longer able to take exams or work on their theses”.
Dutch police traced part of the ransom money back to a money launderer’s account in Ukraine. In 2020, prosecutors seized the account, or cyberwallet, which held a number of different cryptocurrencies, including €40,000 of the ransom paid by Maastricht University.
The legal negotiations about the retransfer from the blocked wallet dragged on until spring 2022 – to the advantage of the university, which now receives the equivalent value, which has increased to almost 500,000 euros.
The money will not flow into the university’s general budget, but will benefit a fund for students in need, a spokesman said. He pointed out that the damage done by the hackers was also great given the cost of updating the IT system.
The manhunt for the hackers and the oversized rest of the ransom bitcoins continues.