Notice of Cyber Attack - Statement from the Rector of the University of Maribor
On October 23, 2024, in the evening hours, a large-scale cyber attack using ransomware was launched on the central IT infrastructure of the University of Maribor, resulting in the disruption of all services, including email, the online classroom environment, websites, digital identity services, academic, HR, and financial information systems, the use of MS Teams, OneDrive, and others.
In addition to the dedicated IT experts at RCUM and IT coordinators, the University of Maribor immediately received assistance from numerous external institutions with their specialists. A crucial piece of information for staff, students, and all other individuals is that all investigations and findings collected from various sources to date indicate that the cyber attack did not involve any breaches of (personal) data or their extraction. The attack merely rendered access to digital data unavailable. Until now, the University of Maribor has not received any information about data leakage or threats indicating that data has been stolen.
Using backup systems and other recovery procedures, the University of Maribor is gradually and cautiously restoring the operation of systems, such as wired and wireless networks, student email services, MS Teams, websites, other M365 services, HR systems, payroll processing systems, financial and accounting systems, the Moodle online classroom, and others. These services are already operational. Regarding other IT services, numbering approximately 300, that were available before the attack, we inform you that they will only be made available once they are adequately prepared and secured. Due to numerous factors, it is not possible to predict exact timelines.
With this notice, we aim to provide all stakeholders with detailed updates on the current findings and, most importantly, to emphasize that we can assert with high confidence that no personal data breaches occurred as a result of the cyber attack. The data stored on disk capacities was encrypted, rendering it unreadable and unusable, but it was not exported or stolen.
We will continue to provide regular updates on the progress of the comprehensive restoration of the University of Maribor’s IT systems. At the same time, we will establish new security standards to elevate the culture of using IT services to an even higher level.
Sincerely,
Rector Prof. Dr. Zdravko Kačič