IRVINE, Calif. – Hackers last week posted disturbing videos on Discord groups used by students, faculty, and alumni at the University of California, Irvine (UC Irvine). The videos, which depicted human and animal mutilation, were so gory that some users were traumatized and went to the hospital.
Approximately 3,000 UC Irvine users saw the images before the hackers were blocked by student managers of the Discord group, reports the Orange County Register.
Some students who saw the images vomited so much that they had to be hospitalized, reports ABC7.
The cyberattack happened on January 9. In one message, the hackers demanded a $1,000 ransom, reports NBC Los Angeles.
Students are working with the FBI and UC Irvine police to thwart the hackers. The school is also offering counseling services to those impacted by the cyberattack.
In a statement, UC Irvine said it doesn’t manage the Discord servers, their activity or their security settings. The servers are independently managed.
Hackers that engage in ransomware attacks appear to be escalating their tactics against victims.
In December, some current and former patients who were treated at the Fred Hutchinson Cancer Center and the University of Washington (UW) received threatening emails from hackers following the November 19 data breach against the UW healthcare facilities.
In response to the growing threat of ransomware, last year the U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched its Pre-Ransomware Notification Initiative designed to help organizations thwart ransomware attacks in the early stages of incidents as ransomware actors dwell in a victim’s environment before deploying the ransomware.
According to CISA, that window of time – which can last from hours to days –gives the agency enough time to warn organizations that ransomware actors have gained initial access to their networks. Such a warning could help victims kick the threat actors out of their environment before they have a chance to encrypt data and hold it hostage for a ransom payment.
Any organization or individual with information about early-stage ransomware activity is urged to contact CISA at [email protected].