Univ. of Kentucky, UK Healthcare Ends Month-Long Cyberattack

Hackers from outside the U.S. infiltrated the University of Kentucky’s computer networks and used its processing capabilities to mine cryptocurrency.

Univ. of Kentucky, UK Healthcare Ends Month-Long Cyberattack

Kentucky’s largest university system rebooted its computer networks Sunday after a month-long cyberattack that officials say was the worst in university history.

According to officials, the three-hour campus-wide network outage at the University of Kentucky (UK) and UK Healthcare was successful at “mitigating the existing cyber threat,” reports  Lexington Herald-Leader.

Eric Monday, UK executive vice president for finance and administration, said unidentified threat actors from outside the U.S. infiltrated the system back in February and installed malware that used UK’s “vast processing capabilities” to mine cryptocurrency.

Cryptocurrency mining is a process in which transactions between users are verified and added into the blockchain — a public list of all transactions. The primary purpose is to set the history of transactions in a way that is computationally impractical to modify by any one entity.

Monday said UK’s system is pinged daily by attackers trying to penetrate the system but most fail. The hackers from this cyberattack entered through a university server outside UK Healthcare.

The attack caused computer systems used by students and employees to slow down or temporarily fail. Disruptions were mainly seen at UK Healthcare, which operates UK Albert B. Chandler Hospital and Good Samaritan Hospital. Both hospitals serve two million patients.

University spokesman Jay Blanton said an investigation into the attack found no evidence that patient or student data were compromised. Patient safety and access to care were never comprised but day-to-day functions were likely interrupted, he added.

University of Louisville Associate Professor of Computer Science and Engineering Dr. Adrian Lauf told Lexington Herald-Leader the return for mining cryptocurrency is nowhere near the value of patient health information, which is why he is “surprised that, given the value of public health information, it was not taken.”

“It’s like breaking into a bank to go steal something from the vending machine,” he said.

As a result of the attack, the university hired an independent computer forensic firm to help improve cybersecurity, according to Info Security magazine. The firm installed CrowdStrike security software to prevent future threats.

It is estimated the school spent more than $1.5 million to eject the malware from its network and improve cybersecurity.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Amy is Campus Safety’s Executive Editor. Prior to joining the editorial team in 2017, she worked in both events and digital marketing.

Amy has many close relatives and friends who are teachers, motivating her to learn and share as much as she can about campus security. She has a minor in education and has worked with children in several capacities, further deepening her passion for keeping students safe.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Conference promo