article featured image


A November 2022 cyberattack on the University of Duisburg-Essen (UDE) by the Vice Society ransomware gang forced the university to reconstruct its IT infrastructure, which continues today.

During the network breach, the threat actors allegedly stole files from the university, exposing potentially sensitive details about the university’s operations, students, and staff.

The UDE has since confirmed that they are aware of the threat actors’ publication of the stolen data and won’t be paying a ransom.

The criminal group responsible for the cyber attack on the University of Duisburg-Essen (UDE) at the end of November has now published data on the Darknet. The university did not comply with the attackers’ demands and did not pay a ransom.


According to BleepingComputer, the leaked files include backup archives, financial documents, research papers, and student spreadsheets. The files appear genuine, but their authenticity cannot be verified.

The attack on the University of Duisburg-Essen continues Vice Society’s ransomware operation’s targeting of educational institutions.

A ransomware gang attacked Cincinnati State Technical and Community College, the Medical University of Innsbruck, and the Los Angeles Unified School District in 2022.

The FBI, CISA, and MS-ISAC released a joint advisory warning that the ransomware gang is increasingly targeting U.S. schools.

Rebuilding UDE’s IT Infrastructure

The cyberattack was disclosed by UDE on November 28th, 2022, forcing the university to shut down all email, communications, and IT systems until further notice. Exams were also canceled before Christmas.

UDE’s IT experts had restored several core systems by December 07th, 2022. On December 22nd, 2022, 40,000 people had their passwords reset for the online learning platform.

UDE, however, was still far from resuming normal operations.

The University of Delaware informed its students and staff on January 9th, 2023, that the only way to restore all systems would be to reconstruct the entire IT infrastructure due to the extensive damage caused by the cyberattack.

The cyberattack affected 1,200 servers and compromised the central authorization system, so restoring them would be impossible.

The University of Düsseldorf has 43,000 students, 4,000 academics, and 1,500 administrative staff. It is considered the top German university in the field of physics.

UDE’s CISO, Marius Mertens, discussed the successful mitigation of ransomware attacks during a 2019 interview. He highlighted the importance of the university’s supercomputer, which ranked among the top 500 in Europe, and explained that disruption to its operations would result in significant financial losses.

Having downtime would cost us millions of euros when converted to lost CPU hours. For example, losing CPU hours for a week would cost us €75,000.


Heimdal Official Logo

DNS Security for Dummies

Learn More

An eBook that gives a comprehensive role-based security approach and addresses the numerous dangers to the Domain Name Systems (DNS) as cyberattacks increase globally.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, YouTube, and Instagram for more cybersecurity news and topics. 

Author Profile

Gabriella Antal

SMM & Corporate Communications Officer

linkedin icon

Gabriella is the Social Media Manager and Cybersecurity Communications Officer at Heimdal®, where she orchestrates the strategy and content creation for the company's social media channels. Her contributions amplify the brand's voice and foster a strong, engaging online community. Outside work, you can find her exploring the outdoors with her dog.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo