- Applicants at three private colleges -- Grinnell, Hamilton and Oberlin -- reportedly received ransom notes from hackers claiming to have accessed their application files
- The allegedly hacked data included personal information as well as notes from admissions' officers, their interview reports and acceptance decisions
- The hackers asked for $3,890 in bitcoin payments, but later lowered the amount to $60, according to emails posted on Twitter and Reddit.
Applying to college is a stressful process, but now some applicants to Grinnell and two other private colleges are having to deal with a headache beyond writing personal essays: Fending off ransom requests from hackers who claimed to have gained access to their files.
Applicants at Grinnell, Hamilton and Oberlin colleges reportedly received ransom notes from hackers claiming to have accessed their application files. The three elite colleges share a data system called Slate that tracks applicant admissions, according to the Wall Street Journal, which first reported the hack.
The stolen data reportedly included personal information as well as notes from admissions' officers, their interview report and acceptance decisions. Initially, the hackers asked for $3,890 in bitcoin payments, but later lowered the amount to $60, according to emails posted on Twitter and Reddit.
Ransomware threats have been on the rise, with hackers and scammers targeting consumers and institutions like hospitals with threats of exposing sensitive information unless they pay up. But targeting college applicants appears to be a new twist, with the scammers apparently gambling that students would be willing to pay up in exchange for a peek at their application files -- including whether they had been accepted or rejected.
Hamilton College and Grinnell College said they had no evidence that personal financial information, such as the data provided in financial aid applications were part of the hack. In an email, Oberlin said it hasn't received reports that students received emails from the hacker, but added that it is investigating the scope of the attack.
"Some components of student applications appear to have been accessed, but data such as credit card information and social security numbers are encrypted in our database, and there is no evidence that this information was obtained," Hamilton spokesman Mike Debraggio wrote in an email to CBS MoneyWatch.
On Twitter, Grinnell advised applicants not to respond to the emails. "We have contacted appropriate authorities, including the Federal Bureau of Investigation," it noted.