Vice Society claims ransomware attack on Med. University of Innsbruck

The Vice Society ransomware gang has claimed responsibility for last week's cyberattack against the Medical University of Innsbruck, which caused severe IT service disruption and the alleged theft of data.

The research university has 3,400 students and 2,200 employees and offers extensive medical care services, including surgeries.

The Austrian university disclosed an IT outage on June 20, 2022, restricting access to online servers and computer systems.

On June 21, 2022, the university's IT team proceeded to reset all 3,400 students' and 2,200 employees' account passwords and called everyone to go through a manual process of personally collecting their new credentials.

In the days that followed, the university gradually restored its online services and returned operations to its main site, which had previously been initially taken offline. 

However, the university has only mentioned that they were attacked but did not provide any further details in their published statements and status updates.

Vice Society claims responsibility for attack

Yesterday, Vice Society added the Medical University of Innsbruck to its data leak site, leaking an extensive list of documents allegedly stolen during last week's cyberattack.

Medical University of Innsbruck on Vice Society extortion site

A limited review of the leaked data confirms that they appear genuine and have the university's letterhead, lecturer signatures, and other authenticity elements.

Bleeping Computer has contacted the Medical University of Innsbruck to validate if the IT disruption is linked to the alleged ransomware attack, and we will update this post as soon as we receive a response.

If a ransomware attack is indeed the reason behind last week's disruption, the fact that the hackers posted all data and not just a sample, a full week after the attack occurred, could mean that the negotiations for a ransom payment have reached a dead end, or never took place.

Typically, Vice Society uses a countdown timer to extort a newly announced victim before publishing files, so there's no extortion taking place now.

Vice against Europe

Vice Society has been targeting European organizations lately, focusing specifically on state/public entities and educational institutes.

At the start of the month, we reported that the particular ransomware group wreaked havoc in the Italian city of Palermo, depriving 1.3 million people of enjoying a broad spectrum of the municipality's services.

Other victims listed recently on the Vice Society onion site include a college in the UK, a hospital in Italy, and two universities in the UK. This makes the Medical University of Innsbruck the fifth disclosed European victim of Vice in the past month.