A recent cybersecurity attack at Johns Hopkins University and its Health System has impacted the school and led to an entire investigation.

In a letter sent to the Hopkins community, officials said that their cybersecurity team had an initial evaluation resulting in the attack impacting the information of Johns Hopkins employees, students and patients.

“Johns Hopkins takes the privacy and security of our community members extremely seriously. Our cybersecurity team is working closely with data security experts and law enforcement to determine what information was involved,” the letter said. “We will provide updates as soon as they become available and will contact directly and individually anyone who was impacted by this attack.”

Learn the benefits of becoming a Valuetainment Member and subscribe today!

Cybersecurity expert Bill Sieglein explained the likely origins of the attack in an interview stating, “This was called a ‘zero-day attack,’ meaning the attackers, who are out of Russia, a group known as CLOP, they discovered a vulnerability in this piece of software called MOVEit.”

Sieglein explained MOVE it as a piece of software that “allows you to move large data files between networks and between systems. They found a vulnerability before anybody knew about it and, all at once, launched an attack worldwide.”

Hopkins is now in the hot seat, recommending people to monito their accounts, be aware of any and suspicious emails and sign up got credit-monitoring services for anyone who thinks they could be impacted.

“We took immediate action to secure our systems, and we are working closely with a leading cybersecurity firm to investigate the attack,” the letter said.

“One of the issues becomes ransomware,” Sieglein continued. “So, the attackers have done something where they steal the data and then they notify all their victims: ‘Hey, we have your data. If you want it all back all in one piece, you’re going to pay up some money.”

Add comment