The University of California, San Francisco paid hackers $1.14 million in bitcoin after a ransomware attack this month.
The hackers launched malware that encrypted the university’s servers within the School of Medicine, making data temporarily inaccessible. To resolve the issue, the university paid the amount, reportedly in 116.4 bitcoins (currently worth over $1 million).
“The data that was encrypted is important to some of the academic work we pursue as a university serving the public good," said the university. "We therefore made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained."
The university did not specify what data was encrypted but said it believes that patient medical records were not exposed. The incident also did not affect patient care delivery operations or COVID-19 work, said the university.
The Netwalker ransomware gang is said to be behind the attack. The group initially demanded $3 million, and the university had offered them to accept $780,000. Finally, after negotiations, the university paid out $1,140,895.
The university said it continues to cooperate with law enforcement agencies to investigate the issue. Earlier this month, Michigan State University was also attacked by Netwalker, but the university refused to pay a ransom at the time.