No Comments

Universidade Positivo may have been a victim of ransomware


Ransomware attacks are increasingly common, and it seems that the last victim of this type of attack here in Brazil is Universidade Positivo, a teaching institution that was founded by Grupo Positivo and later sold to Cruzeiro do Sul Educacional group .

The Hack was contacted, last Wednesday (7), by a source who preferred to remain anonymous and who guaranteed that the company’s critical systems had been hijacked by ransomware. Although the internet user preferred not to identify himself, the property with which the information was passed on allows us to conclude that he himself is a student or even part of the faculty of the institution.

At the time of this writing, the official website of Universidade Positivo was down, being replaced by a temporary page directing students and candidates to the 2021 selection process for the D2L Virtual Learning Environment. Evaluation periods and monthly payment were also postponed.


Exclusively to The Hack, Positivo University sent us a position confirming that there was a “hacker attack”, but did not cite a ransomware.

“Universidade Positivo (UP) informs that the hacker attack that occurred last Wednesday (7) against Positivo Educacional also impacted the Institution’s services, since it still uses the same systems and technology park as Grupo Positivo.

The investigation is being conducted by the police, however the group’s IT team took the sites offline, preventively, as soon as the invasion was detected, in order to stop possible data leakage and check the extent of the damage.

We emphasize that contingency measures are being taken and, therefore, the UP website will be offline until the situation is normalized. We will keep the community informed of the progress of the investigations. “

Notice the “police” part. Conventional cyber attacks do not usually involve authorities, unless they involve a ransom request in large amounts of money … Which is exactly what a ransomware does.

Furthermore, it is also interesting to note that, when saying that it still uses Grupo Positivo’s computing environments and systems, the institution implies that the central attack was directed at Positivo, not the university itself. At the time of writing this report, however, all of the sites in the group in question were functioning normally and there was no evidence of service interruption.

See the original post at:

You might also like

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.