American University Of Antigua Cyber Attack Yields Ransom Note


The American University of Antigua (AUA) has become the latest target of the ALPHV ransomware group.

The American University of Antigua cyber attack has resulted in the discovery of a ransom note from the ransomware group outlining a detailed and extensive demand for payment.

The note stated that the hackers will forward sensitive data to lawyers who may, on behalf of students or others, take action against the university, so that they have proof of the website data being hacked.

The American University of Antigua has not published any notice about the alleged AUA cyber attack at the hands of the ALPHV/BlackCat ransomware group. AUA is a college of medicine located in the eastern Caribbean country of Antigua and Barbuda.

American University of Antigua Cyber Attack

BlackCat/ ALPHV naming AUA (Photo: Falcon Feeds/ X)

Besides the American University of Antigua cyber attack, ALPHV also added Al Ashram Contracting to its victim list. The hackers uploaded 16 attachments of documents allegedly from the American University of Antigua cyber attack.

ALPHV naming Al Ashram Contracting (Photo: Falcon Feeds/ X)

The websites of both entities were active when checked by The Cyber Express. The Cyber Express emailed both the listed organizations for comments about the alleged cyber attacks. We are yet to receive a response.

ALPHV hackers made one upload on their dark web portal, allegedly from the Al Ashram Contracting cyber attack. Al Ashram Contracting LLC is a leading construction company in Dubai, UAE. It has been part of the construction sector for over 45 years.

Ransom Note by ALPHV Ransomware Group

The officials of AUA were threatened by the ALPHV ransomware group with multiple warnings in an attempt to extort money.

Ransom note by ALPHV (Photo: Dark Web Informer/ X)

The hackers from the ALPHV ransomware group, also known as BlackCat, claimed that they gained access to the AUA systems and continued investigating the data for a long time. They learned about the internal workings of the institution and exfiltrated relevant data that was sensitive and confidential in nature.

Through the American University of Antigua cyber attack, the group downloaded student data, which it has not released publicly so far. Threatening that the disclosure of the exfiltrated data could lead to serious consequences, ALPHV added that it could also lead to reputational damage and lawsuits.

“If we are unable to agree on a ransom amount or you choose not to pay, we will provide patient advocates with an additional set of documents to submit to the court as evidence,” they wrote further.

This leaves open the possibility that the ransomware group has already established communications with AUA. Student data leaks could be used as a tool to exert pressure on educational institutions that want to maintain a clean slate from attacks and legal actions.

The hackers tried to stir a response from the college authorities by stating that the responsibility to secure the network and student data lay solely with the institution. “Once we reach an agreement and you fulfill your payment obligations, we will securely and irrevocably delete all data collected,” the ransom note added.

The ALPHV ransomware group boasted of a reputation for unconditional compliance, likely taunting the targeted organization into complying and making the ransom payment. It is up to the authorities to refuse to make the ransom payment, which is encouraged as best practice by legal agencies.

Several hacker groups continue demanding more ransom even after they are paid once. Hence, the assurances made by ransomware groups cannot be trusted, even if sensitive data is at stake.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
