Ransomware cyber attack information
Dear Lancaster University,
Do you have any end point or anti-virus software installed on your network devices?
Has your organisation ever been the victim of a ransomware attack which meant that an external hacker encrypted a PC or device or network within your organisation and demanded payment in order to decrypt the device? Y/N
If Yes
How often have you experienced an attack in the last 12 months?
How much did the attacker demand as a ransom for each attack?
How did you respond:
a) We paid the ransom
b) Threw away the device
c) Used decrypter or other technology to regain the use of the encrypted device
c) Other (Please describe)
Did you notify the police? Y/N
If yes
What was their advice?
Yours faithfully,
Sarah Daniels
Thank you for submitting a request for information from Lancaster
University under the Freedom of Information Act. Your request ID is: 1942.
Please quote this in all enquiries.
We will endeavour to respond to your request as soon as possible, and this
will be within a maximum of twenty working days from the working day
following receipt. If we do not hold the information you have requested,
we will confirm this to you.
If you have supplied an email address, contact will usually be via email,
otherwise, this will be by letter.
Should we require further clarification in order to respond to your
request, or if the request is chargeable, we will contact you. We
appreciate your patience while we deal with your request. If you have an
enquiry regarding your request, email: [email address]
The personal information you have supplied will be stored by Lancaster
University under the terms of the Data Protection Act 1998 and used to
process the request; it will be retained for a reasonable period.
Lancaster University ensures that only staff that have a business reason
to look at your information or data can do so. Lancaster University will
never sell personal information or data or share personal information or
data with third parties unrelated to the services we provide unless we are
required to do so by law or unless you have told us you consent to our
doing this.
Yours sincerely
Departmental Information Officer
Lancaster University
Lancaster LA1 4YW
United Kingdom
Telephone (01524) 65201
Dear Ms Daniels
I write further to your Freedom of Information request i.d. 1942 and give
below our response:
‘Do you have any end point or anti-virus software installed on your
network devices?
Has your organisation ever been the victim of a ransomware attack which
meant that an external hacker encrypted a PC or device or network within
your organisation and demanded payment in order to decrypt the device?
Y/N
If Yes
How often have you experienced an attack in the last 12 months?
How much did the attacker demand as a ransom for each attack?
How did you respond:
a) We paid the ransom
b) Threw away the device
c) Used decrypter or other technology to regain the use of the encrypted
device
c) Other (Please describe)
Did you notify the police? Y/N
If yes
What was their advice? ‘
I can confirm that Lancaster University takes a range of security measures
to protect its network, hardware and users. I am unable to provide any
details of this or to answer any of your further questions. Information
provided in response to FOI requests has to be assumed to be entering the
public domain. This would be likely to negatively impact our ability to
prevent or detect criminal attacks on our network. The information is
therefore exempt from disclosure under Section 31(1)(a) and 31(1)(b) of
the Freedom of Information Act relating to Law enforcement, and this email
acts as our refusal notice.
Regards
Compliance Team
Secretariat
Your request i.d. is: 1942. Please quote this in all enquiries.
The University aims to comply fully with its obligations under the Freedom
of Information Act 2000 and to ensure that the service it provides for
those wishing to gain access to information is helpful and effective.
The personal information you have supplied will be used only to process
your request; some details will be retained for our records after the
request has been answered. This information will not be passed on to other
parties unrelated to the University unless we are required to do so by
law, or where it would be necessary to answer the request in full (in
which case we would seek your consent for any transfer).
Process for Making a Complaint
If you feel the service you have received does not meet our aims or your
expectations, please write to:
Head of Governance Services
University House
Lancaster University
Bailrigg
Lancaster
LA1 4YW
If, following our internal review, you are dissatisfied with the response
provided, you may write to the Information Commissioner’s Office, for
details visit [1]www.ico.org.uk.
Copyright notice
The information supplied in response to your request is the copyright of
Lancaster University and/or a third party or parties, and has been
supplied for your personal use only. You may not sell, resell or otherwise
use any information provided without prior agreement from the copyright
holder.
References
Visible links
1. http://www.ico.org.uk/
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now