Maastricht University will receive some 500,000 euros back from the ransom paid to cyber criminals in 2019 – much more than it paid at the time. A university spokesperson confirmed this on Saturday after reporting from de Volkskrant† The university transferred nearly 200,000 euros in ransom in bitcoins at the end of 2019, after cybercriminals shut down the university’s digital systems. A cybersecurity firm then arranged for the university to resume teaching.
De Volkskrant reconstructed how the cybercrime team of the Limburg police tracked down part of the ransom paid, after which the Public Prosecution Service seized the account of a Ukrainian money launderer in 2020, who had 40,000 euros of the ransom in possession as crypto currency. When after two years it was possible to get the money to the Netherlands, it was worth about half a million euros due to a rise in the price of the crypto coin. The hackers responsible themselves have not been caught and investigations into them for the attack on the university are still ongoing.
The money has already been converted from crypto to regular currencies, but legal arrangements need to be made before it is credited to the university’s account, the university spokesperson said. Despite the fact that Maastricht University gets more money back than it paid in ransom, the spokesperson does not want to speak of profit: “The actual costs incurred are a multiple of what we are now getting back.” According to the spokesperson, the university plans to use the money to create a fund for students with financial difficulties.
Also read this article about the hack in 2019: After a fatal click, hackers had free rein