Multiple campuses of Monroe College have had their systems downed after a ransomware attack reportedly struck the for-profit institution on July 11.
The attack reportedly affected each of Monroe’s campuses in Manhattan and New Rochelle, New York, and St. Lucia, and emails have been compromised. Infosecurity contacted Monroe College via the email listed on its website, but the message was returned as undeliverable, indicating that systems are still downed.
The college took to Twitter to share the news with its online students.
In a statement, Marc Jerome, president of Monroe College, said, “Our team is working feverishly to bring everything back online, and we are working with the appropriate authorities to resolve the situation as quickly as possible,” according to Insider Higher Ed.
“In the meantime, Monroe continues to operate. We’re simply doing it the way colleges did before email and the internet, which results in more personal interactions. As we have done throughout our 86-year history, we are coming together to assure that our students, faculty and staff are well served."
An attacker demanded the college pay $2 million to have its files decrypted. Jackie Ruegger, executive director of public affairs at the college, reportedly told Inside Higher Ed that the college knows who conducted the attack. Infosecurity attempted to call the numbers listed on the Twitter message, but the recipient disconnected the calls.
The attack follows a number of university cyber-attacks, including the recent OSU, Graceland University and Missouri Southern State University email-based breaches in the last few months. According to recent data from Mimecast’s State of Email Security report, 56% of organizations in the education sector saw an increase in phishing with malicious links or attachments in the last year. It took 31% two to three days to get back to a recovered state upon suffering an email-based attack. Nearly half (42%) of organizations say ransomware has impacted their business operations in the last 12 months and 73% have experienced two to five days of downtime as a result of the ransomware attack.