The National College of Ireland (NCI) and the Technological University of Dublin have disclosed ransomware attacks that hit their IT systems. In a notice shared by the NCI on their website, the college explained that their IT services were experiencing a “significant disruption”, though they did not specifically name ransomware as the reason initially.
“National College of Ireland is currently experiencing a significant disruption to IT services that has impacted a number of college systems, including Moodle, the Library service and the current students’ MyDetails service,” the initial notice reads.
Another notice posted a day later clarified that the disruption was caused by a ransomware attack. The collage has contacted relevant authorities and parties, including the Data Protection Commissioner and Gardai. It appears that at the time of writing, the collage ‘s IT systems were still down.
The Technological University of Dublin also suffered a ransomware attack at a similar time. A short notice posted on the university’s website explained that ICT systems on Tallaght campus were disrupted and the helpdesk was not able to respond to requests while the incident was investigated.
“Disruption to some ICT systems on Tallaght campus but secure remote access to key services is available. ICT Helpdesk cannot respond to requests while issues are investigated,” the notice says.
In an email later sent to students and obtained by DataBreaches, it was revealed that the disruption was a serious ransomware attack on their entire on-site ICT systems. Like the National College of Ireland, the incident was reported to relevant statutory authorities including the Office of the Data Protection Commissioner and An Garda Siochana.
“The Tallaght campus has been subjected to a significant ransomware attack on our entire on-site ICT systems. The disruption to services occurred early on Thursday morning and the cause later identified as a ransomware attack. Due to the malware encryption put on our systems in this attack, we do not currently have user access to our main ICT systems and back-ups on campus. At this time, our cloud-based services appear unaffected but are being reviewed,” the email explains.
Which ransomware infections were behind the attacks, the demands, or even how the attacks happened in the first place was not disclosed in both cases. More information will likely be revealed once the investigation and remediation efforts are complete.