A hacker group has claimed responsibility for the ransomware attack that struck Canada’s Royal Military College (RMC), and has published copies of files it has allegedly stolen from the academy.
The threat group, responsible for spreading a ransomware variant called DoppelPaymer, published the claimed-to-be stolen student files and financial information on the website Doppel Leaks. It is believed that the hacker group is looking to pressure the RMC into paying a ransom before the rest of the stolen data is leaked.
A threat analyst with Emsisoft told IT World Canada that they had analyzed the student files, which they suspect are authentic.
RMC, together with some of its affiliates, first revealed that they were hit by a malware attack in July. The cyberattack crippled their internal systems by encrypting the data in computers, preventing users from accessing anything. Due to the risk of spreading the malware, the college dean issued a warning against connecting to RMC’s network.
When the ransomware first hit, RMC’’s website and email systems went offline.
In a statement, a Department of National Defense (DND) spokesperson said that the agency is still assessing the extent to which RMC’s data was compromised.
“Given the investigation is still ongoing, we cannot comment further on the specific incident,” the DND representative said, adding that the department is working with the Canadian Security Establishment’s Canadian Centre for Cyber Security to investigate the incident.