Ransomware infects Maastricht University

[German]The University (UM) of the Dutch city of Maastricht has fallen victim to a ransomware attack. All computer systems are currently shut down since December 23, 2019.


The attack must have taken place last Monday (23.12.2019), as the following message from Christmas Eve (24.12.) on the website of the university states.

Maastricht University (UM) has been hit by a serious cyber attack. Almost all Windows systems have been affected and it is particularly difficult to use e-mail services. UM is currently working on a solution. Extra security measures have been taken to protect (scientific) data. UM is investigating if the cyber attackers have had access to this data. It is unclear how much time UM needs to find a solution, but it will definitely take a while for the systems to be fully operational again.

All UM buildings are closed until Sunday, with the exception of the research labs at UNS 50.

Almost all Windows systems of the University of Maastricht (UM) )  are affected, and the use of e-mail services is particularly difficult. UM is currently working on a solution.

Unknown whether scientific data are involved

Additional security measures have been taken to protect (scientific) data. UM investigated whether the cyber attackers had access to this data. It is unclear how much time UM will need to find a solution, but it will certainly take a while until the systems are fully functional again.

System offline until Sunday

In a further statement, dated 27 December 2019, the University of Maastricht (UM) announced that they are currently working day and night on solutions for the ransomware attack that took place on Monday 23 December 2019. Since the discovery of the attack, UM's IT staff has been working hard on solutions together with external specialists in this field. 

The current phase is concerned with forensic investigations and repairs. The focus is on developing solutions that will provide the university with the best possible protection against such attacks in the future.


The Executive Board and the Deans of the Faculties regret the inconvenience this will cause for students and staff. They want to see in the coming days how the students and staff who have problems due to this situation can be taken into account. As requested, the UM has submitted an official report to the police.

In order to work as safely as possible, the UM has temporarily taken all systems offline. Everything is designed to allow students and staff to access the systems as quickly and as phased as possible. It is not yet possible to say when exactly this will be possible, given the scale and scope of the attack. For the same reason it is also not possible to say with absolute certainty which systems are affected and which are not. This requires additional investigations.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *