Ransomware group Inc today claimed responsibility for an alleged cyber attack against Florida Memorial University. The attackers posted scans of passports, Social Security numbers, and copies of contracts on its website as evidence.

FMU ransomware proof pack

Florida Memorial University hasn’t confirmed or denied the attack as of time of writing. Comparitech contacted the University for comment and we’ll update this article if it responds.

We don’t know yet if the stolen data belongs to students or staff, what exact info was stolen, how hackers infiltrated FMU’s systems, or whether any of the school’s services have been interrupted as a result of the attack.

fmu data leak

Students and staff should take precautions to safeguard their accounts and identities. We advise changing passwords, checking accounts for suspicious charges, and being on the lookout for phishing messages from scammers posing as FMU or a related organization. Potential victims should monitor their credit closely and consider a fraud alert or credit freeze, given that the data allegedly includes Social Security numbers.

Who is Inc Ransomware?

Inc Ransomware emerged in July 2023 and targets a wide range of victims in healthcare, education, and government. Its methods involve spear phishing and exploiting known vulnerabilities in software such as Citrix NetScaler.

Other recent Inc victims this month include Barrie Community and Family Health in Barry, Canada, and the NHS in the UK. Its earlier victims include Xerox, CellNetix Pathology and Laboratories, Tri-City Medical Center in California, Liberty Hospital in Missouri, Ingo Money, Yamaha Motor Philippines, and King Aerospace.

About Florida Memorial University

Florida Memorial University is a private, Christian, historically black college in Miami Gardens, founded in 1879. It serves more than 1,000 students.

About ransomware attacks on the US education sector

Ransomware attacks can paralyze school systems that teachers and students depend on for communication, submitting assignments, receiving grades, admissions, billing, and more. Ransomware groups like Inc often engage in “double extortion” attacks in which victims are required to pay twice: once to decrypt data and restore systems, and again for not selling or publicly disclosing the stolen data.

2022 saw 65 ransomware attacks on US schools and colleges, impacting nearly 15,000 schools and more than a million students across the nation. On average, schools lost 11.65 days to downtime following a ransomware attack.

Ransom demands can vary wildly. In 2022, we saw demands range from $250,000 to $950,000. The cost of downtime and remediation is often higher than the ransom itself.