The ransomware group, Vice Society, has taken credit for the hack against the Medical University of Innsbruck a week ago. This attack resulted in a serious disruption of IT services and is suspected of having resulted in the theft of data.

The research institution includes 3,400 students and 2,200 staff members and provides comprehensive medical care services, including surgical procedures.

On June 20, 2022, the Austrian university informed the public that it was experiencing an IT outage, which restricted access to online servers and computer systems.

On June 21, 2022, the IT team at the university proceeded to reset the account passwords of all 3,400 students and 2,200 employees. They then called everyone and instructed them to go through a manual process in which they physically collected their new credentials.

In the days that followed, the institution gradually began to restore its online services and returned operations to its primary site, both of which had been taken offline in the days leading up to this point.

However, in their published comments and status updates, the university has just acknowledged that they were assaulted but has not provided any additional specifics about the attack.

Vice Society claims responsibility for the attack.

The Vice Society has added the Medical University of Innsbruck to its data leak site and has released a comprehensive list of papers that were reportedly taken in the incident that occurred the previous week.

A cursory examination of the compromised files reveals that they have the educational institution’s letterhead, the lecturers’ signatures, and other identifiers that point to their genuineness.

Bleeping Computer has reached out to the Medical University of Innsbruck to confirm whether the IT outage can be attributed to the suspected ransomware assault.

If a ransomware attack was indeed the cause of the disruption that occurred a week ago, the fact that the hackers posted all of the data rather than just a sample of it a full week after the attack occurred might suggest that the negotiations for a ransom payment have reached a dead end, or that they have never taken place at all.

The typical method that Vice Society uses to extort a newly announced victim before publishing files is a countdown timer; however, the organization is not currently engaging in any form of extortion at this moment.

Vice against Europe

In recent months, Vice Society has been concentrating its attacks on European organizations, particularly governmental and public institutions and educational establishments.

At the beginning of the month a specific ransomware organization caused chaos in the city of Palermo, Italy. As a result of this attack, 1.3 million Palermo residents could not take advantage of a diverse range of services provided by the local government.

A hospital in Italy, a college in the United Kingdom, and two universities in the United Kingdom are some of the other victims that have been named on the onion site of the Vice Society recently. As a result, the Medical University of Innsbruck is the fifth institution of higher education in Europe to come forward as a victim of Vice in the last month.

Update June 28, 2022: A representative of the Medical University of Innsbruck has contracted out to Bleeping Computer to confirm that the IT disruption that occurred one week ago was, in fact, the result of an attack carried out by the Vice Society. The following comment was made by the spokesman in regard to the information that was disclosed:

On the dark web, data that originated from servers maintained by the Medical University of Innsbruck have been made public. At this very moment, analyses and examinations into the breadth and character of the data are being carried out.