Erie, US-PA: Mercyhurst University ransomware attack

Erie, US-PA: Mercyhurst University ransomware attack 1


In the note released this morning by the ransomware group LockBit 2.0, within the Tor networks, we read that the deadline for the payment of the ransom, before the exfiltrated data is published, is set for May 22.

Mercyhurst University data breach

Mercyhurst is a private university founded in 1926 by the Sisters of Mercy of the Diocese of Erie and today it is organized into four colleges

➩ Hafenmaier College of Humanities, Arts, and Social Sciences

➩ The Walker College of Business

➩ The Zurn College of Natural and Health Sciences

➩ The Ridge College of Intelligence Studies & Applied Sciences

It is precisely from the last of the four colleges that we want to speak today after the announcement of LockBit 2.0, and the claim on the attacks on the IT infrastructures of Mercyhurst University.

The (possible) paradox.

Last March, Ridge College organized Cyber ​​Impact 2022, a “three day” with simulations of large-scale cyberattacks. The academic event was overseen by the U.S. Department of Defense (DOD) and led by US Army Task Force 46.

In the presentation form visible at the URL you can read:

“The Ridge College has a long history of collaborating with governmental agencies and business organizations on research, internships, and projects,” said Mercyhurst President Kathleen A. Getz, Ph.D. “That we have been invited to participate in an event of this magnitude, to identify cyber threats, distinguish gaps in response, and develop solutions for safeguarding our homeland, is a credit to the work of our faculty, staff, and students, and is a testament to the reputation we have built in the fields of intelligence and cybersecurity.”

We have absolutely no doubt what the president of Mercyhurst said, but the fact that, just a month after the event, her university could have been the subject of a cyber attack would be a paradox.

In the presentation form published by the university before the event, we were intrigued by a consideration released by Christopher Mansour (Assistant Professor of Cyber ​​Security Mercyhurst University)

“Considering how devastating cyberattacks on critical infrastructure can be, it’s important to test our vulnerabilities so that we can work toward preventing them in the future”

Among the speakers present at Cyber ​​Impact 2022 last March, Mercyhurst professors as well as Christopher Mansour were Brian Fuller (Director of Operations for the Ridge College of Intelligence Studies and Applied Sciences) and speakers from important institutions: MIT, FBI, FEMA, Army Cyber ​​Institute, Niagara University, Ontario Police Cybercrime Investigation Team and US Coast Guard District 9.

At the moment there is no certainty about the cyber attack, but only a press release released by LockBit 2.0 without objective evidence, while no statement at the moment appears to have been released by the university. sent an email to Executive Communications Officer, Director of Public Relations Debbie Morton asking for a statement on the matter, a second request for comment was also sent to the LockBit 2.0 ransomware group. At the time of publishing this article, we have not received any responses.


Updated on 05.17.2022 at 01:30 pm
LockBit 2.0 modifies the note published on its blog by adding the amount of data exfiltrated during the cyber attack which, according to the ransomware group, would be 300 GB. The deadline for the payment of the ransom remains May 22.

Erie, US-PA: Mercyhurst University ransomware attack 2