2 Canadian Universities hit by Cyber Attacks this Month

Both Simon Fraser University in BC and Lakehead University in Thunder Bay and Orillia were recently hit by a cyber attack this month. 

Students and staff at Simon Fraser University have been warned that a spreadsheet on the computer server that was breached by hackers contained personal information on several current and former students, faculty, staff and student applicants. While no banking details, social insurance numbers or passwords were exposed, the data did contain “student/employee ID numbers and at least one other data element.”

Meanwhile, Lakehead University is also dealing with a breach that forced the institution earlier this week to cut off access to its servers. While few details have been released, Lakehead says the attack was aimed at its file share servers. The school did not disclose the nature of the incident, though. “As soon as Lakehead’s Technology Services Centre (TSC) became aware of the potential threat to our servers, TSC removed all access to them,” the University said. An investigation is underway, trying to determine what servers and information have been impacted by the security incident. Until the assessment completes, “all information used and stored on our file share servers will be inaccessible, and on-campus computers will not be available for use.” Lakehead students had been on “reading week” when the attack was first discovered, and the school has extended the break until February 26.

Ironically, Cyber Security Firm Blue Voyant has also published its “Cybersecurity in Higher Learning” report.  While its report is more US-based, its findings should be taken to heart by all colleges and Universities.  One interesting stat quote by the study states that from 2019 to 2020, ransomware attacks against universities jumped by 100%.  Part of the blame lies with the quick shift to online learning which has increased their cyber security risk.   

While neither Simon Fraser University or Lakehead University have confirmed if the attacks were ransomware, the attacks are still alarming for students and staff.  Simon Fraser University advised staff and students to monitor their “personal accounts and memberships of all kinds for any unusual activity over the next several months.” Lakehead University is resetting all accounts and reminding users that it should be a new, unique password.  The school has also advised that they take advantage of multifactor authentication to further secure their Gmail accounts.  Other steps schools can take to further secure their networks include:

  • Mandating a long password policy of at least 15 characters
  • Monitor accounts for login anomalies
  • Set up password screening