Looking for the latest information security and privacy insights from EXTEND? Follow us on LinkedIn.
Devastating Ransomware Attack Forced Lincoln College to Shut Down

Lincoln College Shuts Down After Devastating Ransomware Attack

It’s the end of an era. In a shocking turn of events, Lincoln College, a prestigious institution with a history spanning 157 years, announced its closure following a crippling ransomware attack. This incident serves as a grim reminder of the increasing vulnerability of educational institutions to cyber threats and highlights the dire consequences of inadequate cybersecurity measures.

The Ransomware Attack and Its Impact

Lincoln College fell victim to a sophisticated ransomware attack that infiltrated its digital infrastructure, paralyzing its operations and blocking access to critical data. The attack disrupted the college’s systems required for recruitment, retention, and fundraising efforts, making them inoperable. Fortunately, no personal identifying information was exposed.

The Anatomy of the Ransomware Attack

Ransomware attacks like the one on Lincoln College are often orchestrated by a criminal organization seeking financial gain. Ransomware is a form of malicious software that encrypts a victim’s data, demanding a ransom payment in exchange for a decryption key. Hackers exploit vulnerabilities in an organization’s systems, often through phishing emails or unpatched software, to gain unauthorized access. In this case, the attackers successfully infiltrated the college’s defenses and encrypted essential data, leaving the institution with a stark choice: pay the ransom or face severe operational disruptions.

Cybersecurity Defenses and Challenges

Educational institutions like Lincoln College face significant challenges in maintaining robust cybersecurity defenses. Budget constraints, limited technical expertise, and the evolving nature of cyber threats can all contribute to vulnerabilities. While colleges and universities are entrusted with safeguarding sensitive data, their decentralized nature often makes it challenging to implement consistent and effective cybersecurity measures across various departments and systems.

The Closure Decision

The decision to close Lincoln College was not taken lightly. The ransom demanded by the attackers exceeded the institution’s financial capabilities, leaving college administrators with few options. The attack’s aftermath was projected to be a prolonged and expensive recovery process, which the college could ill afford. David Gerlach, the college’s president, told the Chicago Tribune that it paid a ransom of less than $100,000 to regain access to its data months later. By that time, it was too late to resolve the school’s projections for “significant enrollment shortfalls” and raise the funds to maintain operations.

A Growing Trend: Ransomware Attacks on Educational Institutions

The ransomware attack on Lincoln College is unfortunately not an isolated incident. In the past year, there has been a concerning rise in cyber-attacks targeting colleges and universities around the world. These attacks range from data breaches and distributed denial of service (DDoS) attacks to phishing campaigns and ransomware incidents. Institutions such as Stephen F. Austin State University and Mount St. Mary’s College have also fallen victim to similar attacks, underscoring the urgency for stronger cybersecurity measures in the education sector.


The closure of Lincoln College serves as a stark reminder of the devastating impact of cyber attacks on educational institutions. As technology continues to evolve, so do the methods and sophistication of cybercriminals. It is imperative for colleges and universities to invest in comprehensive cybersecurity strategies that encompass not only technology but also staff training and proactive risk management.

The loss of an institution with a legacy spanning over a century is a tragic consequence of the digital age’s dark underbelly. It is a wake-up call for educational institutions worldwide to prioritize cybersecurity and ensure the continuity of their invaluable contributions to society.

EXTEND Resources helps organizations protect against cyber threats and reduce the risk of loss associated with security and privacy incidents — including ransomware attacks. Learn more about our information security and data privacy services


Scroll to Top
Skip to content

By continuing to use the site, you agree to the use of cookies. Learn More

We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.