Hacker had five days unnoticed access to network TU Eindhoven
:format(webp)/s3/static.nrc.nl/images/gn4/stripped/data126633164-b82aad.jpg "Hacker had five days unnoticed access to network TU Eindhoven")
The hacker who carried out a cyber attack in January at Eindhoven University of Technology (TU/e) had been in the network unnoticed for five days. That is apparent from one on Monday technical research This was carried out by cyber security company FOX-IT on behalf of the TU/e.
It remains unclear who or which group was behind the attack. Based on the attack methods used, the report concludes that it is probably a ransomware group that was after ransom. With such attacks, the hacker files or the entire system ‘hosts’, and only releases it when an amount of ransom is paid. The research shows that no data has been stolen and no ransom has been paid.
According to the report, De Hacker logged into the network of TU Eindhoven on 6 January. The presence was only discovered by the university on Saturday 11 January. That happened when the hacker tried to disable the backups, a well-known method of digital hostage-taking.
After discovering the hacker on Saturday, the TU/e decided to be in its own network all -offline to get. As a result, education at the university stopped for a week.
Hacked accounts
According to the report, there were several gaps in the cyber safety of the university at the time of the attack. For example, the TU/e had no multifactor authentication on the VPN network, a method to verify the authenticity of a user. The cyber criminals made use of ever hacked accounts whose login details were on the ‘Darweb’. The university previously had these accounts change their password, but the old passwords could be reused.
The burglars were also able to request crucial data from a domain controller, the server responsible for the management of network and identity security requests. According to TU/e, these shortcomings in cyber security have since been tackled.
It happens regularly that educational institutions are the target of cyber attacks. For example, computer systems from Maastricht University were digitally hostage in 2019. The university then paid 200,000 euros ransom in Bitcoin. And in 2021, the systems of the Hogeschool van Arnhem and Nijmegen (HAN) were broken into, after which the stolen data of 56,000 students and employees were offered for sale online.
Read also
The library is empty at the Eindhoven University of Technology and the coffee tent closed
:format(webp)/s3/static.nrc.nl/wp-content/uploads/2025/05/18140148/data132354151-8ab1a1.jpg "Trump and Putin again speak of Ukraine, but Moscow has so far avoided any attempt at serious negotiations")
:format(webp)/s3/static.nrc.nl/wp-content/uploads/2024/12/13115129/data125523936-195533.jpg "Trainer FAROLI leaves Ajax after a season")
/s3/static.nrc.nl/wp-content/uploads/2025/05/19081123/web-1905BUIcontroles.jpg "German government wants to perform border controls, but according to police union, agents are already on their toes")
