On March 29, 2021, the Clop ransomware hacker group began leaking screenshots of sensitive data that was stolen (allegedly) from two U.S. Universities online. The leaked screenshots include federal tax documents, tax summary documents, passports, Board of Nursing applications and tuition remission paperwork. These documents include social security numbers, addresses, passport numbers with their photos, and birth dates.
The leaked screenshot of documents have been alleged to belong to the University of Maryland (UMD) and the University of California (UC).
Also leaked by the Clop group were late enrollment benefit application forms for UC employees, and UCPath Blue Shield health plans and enrollment requests. Below are redacted screenshots which were published and viewed by ZDNet via Kela’s Threat Intelligence suite DarkBeast.
Federal Tax Form
UCPath Late Enrollment Form
Earlier this month, the Clop group also allegedly leaked data from two other Universities – University of Miami and University of Colorado.
The Clop group has been associated with a series of cyber-attacks on businesses. In February of 2021, they also released redacted sensitive files and data from Jones Day Law Firm on the Dark Web.
The Clop group uses a “double blackmail” tactic, meaning they will deploy ransomware first onto a compromised machine, and then threatens to leak the stolen and sensitive data unless their demands for blackmail are met.
The University of Maryland and University of California have not made a statement as of March 30, 2021.