A recent cyber-attack on Trinity College Dublin took away €1 million from the institution’s coffers, the college has confirmed.
The Trinity Foundation was alerted by banks of the cyber-attack, following which the college has launched a detailed investigation.
Not much data is presently available regarding the cyber-attack but the college says it has been successful in recovering some of the lost money. The Trinity Foundation and the college have also engaged a computer forensic team which will assist in the investigation.
First reported by The Irish Sun, the cyber-attack has been reported to the Data Protection Commissioner’s office and only a detailed criminal investigation will be able to trace the hackers and offer ways to retrieve the lost money, which may otherwise be compensated through the university’s commercial revenues.
The main targets of the cyber-attack were donors who have been contributing to the Trinity Foundation for some time. After the cyber-attack was discovered, the Foundation wrote a letter to its donor community, apprising them of the attack.
“We are writing to tell you that your personal information may have been compromised by an email attack on Trinity Foundation and we strongly encourage you to be vigilant of any suspicious emails you receive. An email account belonging to one of Trinity Foundation’s employees appears to have been compromised by an apparent phishing/malware attack. It seems that the attackers had access to this email account from February 7, 2017,” went the letter.
“The incident has been reported to the Gardai and the Data Protection Minister, both of which are assisting Trinity Foundation in dealing with this incident. We are taking measures to try to ensure that such an incident will not occur again. The Foundation is committed to maintaining the highest standard of governance and is re-examining internal procedures to ensure that they are robust,” it added.
Educations institutions are often favourite targets of hackers and spammers and increased cyber-security awareness has so far not been able to curb the menace. In the UK, the police’ Action Fraud department recently revealed that cyber criminals are calling educational institutions and asking for staff members’ personal email addresses and phone numbers, claiming that they need to send them guidance forms that contain sensitive information. The scammers claim that they are from the “Department of Education” – although the UK government’s department for schools is called the Department for Education.