The University of Calgary paid a $20,000 ransom after a ransomware was planted on its email server.
The university announced the ransom payment Tuesday, a week after the initial attack.
“As part of efforts to maintain all options to address these systems issues, the university has paid a ransom totalling about $20,000 Cdn that was demanded as part of this ransomware attack,” Linda Dalgetty, vice-president of finances and services, said in a release.
“A ransomware attack involves an unknown cyberattacker locking or encrypting computers or computer networks until a ransom is paid, and when it is, keys, or methods of decryption, are provided,” the release said.
“There is no indication that any personal or other university data was released to the public,” Dalgetty said.
University officials don’t know the source of the ransomware cyberattack, or if it was one person, a group, local or international. There had been one minor data breach at the school, but this attack was different because it encrypted the university’s email server.
The decision was made to pay the ransom “because we do world-class research here … and we did not want to be in a position that we had exhausted the option to get people’s potential life work back in the future if they came today and said, ‘I’m encrypted, I can’t get my files,'” said Dalgetty. “We did that solely so we could protect the quality and the nature of the information we generate at the university.”
Even though the ransom has been paid, there was no guarantee that the problem would be solved. But Dalgetty said that the university has been able to confirm the decryption keys work.
The cyberattack targeted only staff and faculty emails, not students. But for a time, staff and students were being warned not to use any school-issued computers and couldn’t access email.
The university continues to work toward getting the files that were locked back online.