Bluefield University is a private Baptist educational institution located in West Virginia. On April 30, staff informed students and faculty that the site had been hacked, but said it had yet to see any evidence of “financial fraud or identity theft” as a result of the incident.

what is known

The group that attacked the university calls themselves Avos or AvosLocker.

On May 1, about a day after Bluefield disclosed the hacking incident, Avos apparently used their network access to take control of the emergency broadcast system. Bluefield uses a system called RamAlert, which he describes as “a wireless emergency alert system designed to improve communication with students, parents, faculty, and staff during campus crises.” The system was no longer controlled by administrators, but by hackers who used it to warn students and faculty that the university’s network was compromised and their data was stolen.

Hello, Bluefield University students! We are AvosLocker. We hacked a university network to steal 1.2 terabytes of files. We have enrollment data for thousands of students. Your personal information is at risk of being leaked to the darknet,
– wrote in the message.

The criminals also said that if the management of the institution did not pay the ransom, they would continue the attack. They also promised to release some of the stolen information to prove the veracity of their words.

Bluefield later issued another statement acknowledging that Avos “affected the RAMAlert bulk notification system” and warned students not to “follow or reply to links provided by this person.”

The source did not say anything about the size of the ransom or whether the university is considering paying.