8. University of Utah pays big

The University of Utah announced in August that they’d agreed to pay their cyberattackers $457,000 not to release stolen data. The stolen data, they said, represented only tiny percentage of what it held on its servers, but a cyberinsurance policy was used to cover much of the demand so as not to risk exposing the personal information of students or staff. “This was done as a proactive and preventive step to ensure information was not released on the internet,” a university statement read. Though the university didn’t disclose which group was responsible, at least one researcher blamed NetWalker.

Colin Wood

Written by Colin Wood

Colin Wood is the editor in chief of StateScoop and EdScoop. He’s reported on government information technology policy for more than a decade, on topics including cybersecurity, IT governance and public safety.

Latest Podcasts