Hackers Publish Student Data When Las Vegas Schools Refuse to Pay Ransom
The release of information is an escalation in tactics by hackers taking advantage of school districts relying on distance learning during the pandemic.
Las Vegas, Nevada – The Social Security numbers, grades, addresses, retirement documents and other personal information of Clark County School District (CCSD) students and employees were released to the public by hackers last week after district officials wouldn’t pay the ransom the cyber criminals were seeking.
The attack started three days after school started on August 27 when a ransomware virus infected CCSD’s network and prevented the district from accessing some of its files, according to an announcement by CCSD.
“Upon discovery, CCSD immediately notified law enforcement and began an investigation, which included working with third-party forensic investigators, to determine the full nature and scope of the incident and to secure the CCSD network,” the announcement said.
The release of information by the hackers is an escalation in tactics by cyber criminals taking advantage of K-12 districts and institutions of higher education relying on distance learning and internet technology during the coronavirus pandemic, reports the Wall Street Journal. Experts say remote learning makes schools an enticing target for cybercriminals.
Brett Callow, a threat analyst for cybersecurity company Emsisoft, told the Journal that last year hackers didn’t steal data, whereas this year they are doing so. Callow said multiple districts that haven’t paid ransoms have had their stolen data published online. The Journal says the ransoms that have been paid by school districts range from $25,000 to more than $200,000. So far this year, at least 60 school districts and institutions of higher education have been the victims of ransomware attacks, according to Emsisoft.
The overall financial costs associated with data breaches and ransomware attacks are high. On average, data breaches cost $3.86 million each.
Ransomware attacks are also beginning to cost lives. Earlier this month, a woman being admitted to a German hospital died after she had to be diverted to another hospital 20 miles away when a ransomware attack shut down the university-affiliated hospital where she was hoping to receive treatment.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
Leave a Reply