Hackers Break into Bluefield University, Hijack Alert System and Leak College President’s Info

Avoslocker ransomware operators have breached Bluefield University’s systems to steal data and issue threats via the institution’s internal alert mechanism.

Bluefield, a private Baptist university in Bluefield, Virginia, boasts academic offerings including business, forensic science, graphic communication, criminal justice, teacher education, and Christian studies. It is accredited by the Southern Association of Colleges and Schools and is known for its classroom technology and personalized instruction.

Bluefield suffered a cyber intrusion late last month that impacted its systems and delayed exams.

“Upon learning of this issue, we immediately engaged the provider and independent third-party cybersecurity experts to assist in our review and remediation efforts, but it may be a few days before full functionality can be restored,” reads the latest update on bluefield.edu. “We are working through the investigation to determine the nature and extent of the incident.”

The school claims to have “no evidence indicating any information involved has been used for financial fraud or identity theft.”

The attackers also breached the university’s mass alert system, RAMAlert, and used it to tell students who they are, that they have their personal information and that they plan on leaking it, in what appears to be a typical ransomware operation.

“DO NOT ALLOW the university to lie about severity of the attack! As proof we leak sample Monday 1 May 2023 18:00:00 GMT (2:00:00 PM),” the attackers threatened, as shown in a screenshot obtained by databreaches.net from “a concerned person” at the university.

Credit: databreaches.net

Avoslocker subsequently added the university to its leak blog, claiming to be sitting on “1.2 TB data from a college with cyber insurance policy that doesn’t care about protecting students.”

The attackers call Bluefield management “a circus” scrambling to find answers regarding the breach, and “lying to students and media about the severity.”

To back their claims, Avoslocker have leaked information allegedly belonging to the college’s president as well as files claiming to prove the college applied for ransomware cyber insurance.