Hacker Releases Confidential Information After School District Refuses Ransom Demands

Hackers Gain Access To Confidential Information

On the morning of August 27, Las Vegas’ Clark County School District (CCSD) made a public statement that certain of their computer systems had become infected with a virus that denied them access to specific files. The Wall Street Journal (WSJ) reports that hackers published documents containing Social Security numbers, student grades, and other private information from CCSD students and staff, after officials refused to pay a ransom in return for unlocking district computer servers.

CCSD did not specify whether confidential information had been published but did acknowledge that “certain current and former employee information may have been accessed or acquired by the unauthorized actor.”

Hackers Release Sensitive Information

The sensitive information from CCSD was published on the hacker’s website last week. The country’s fifth-largest school district which teaches 320,000 students is the largest to be hit with ransomware since the coronavirus pandemic began.

Brett Callow, a threat analyst for cybersecurity company Emsisoft, told WSJ that the hacker had sent the county a warning by releasing a file from the district that appeared to be non-sensitive. But more sensitive files were released last week that included employees’ Social Security numbers, addresses, retirement papers, and students’ names, grades, birth dates, addresses, and the school they attended.

The Federal Bureau of Investigation told WSJ that it does not recommend paying ransom for data breaches, saying that the payment “emboldens hackers to target other organizations.” According to WSJ, some school districts were attacked similarly and paid the ransom to keep the data from being published.

Las Vegas School District Takes Action

The school district released a statement on Monday saying it will individually notify those affected by the hack, adding that the district is “working diligently to determine the full nature and scope of the incident.”

“CCSD values openness and transparency and will keep parents, employees, and the public informed as new, verified information becomes available,” the statement reads.

previous release from the district, three days after school began, stated that school administrators determined certain files could not be opened and eventually attributed the issue to a virus and ransomware. In this earlier release, they warned that some private information may have leaked and requested that individuals associated with the district review account statements and watch credit reports. The school district said it notified law enforcement and began an investigation which included working with third-party forensic investigators to look into the incident, and that CCSD was trying to fix all systems to ensure functionality.

No Interruptions to Online Learning

The district also clarified in a Facebook statement on August 27th, that the data breach caused no interruptions to online learning.

The Clark County School District is not the only district to be hit with a hacking attack during the pandemic.  With the majority of the nation’s schools having transferred to full- or part-time online learning, hackers are exploiting this huge uptick in online usage and taking hostage the very victims – youth! – who are not aware nor trained to recognize how they are being tricked into providing their passwords or other information that opens the door to bad actors.

Hartford Public Schools in Connecticut postponed in-person classes and online learning at the start of the school year, citing a ransomware virus that caused an outage of systems in the network infrastructure.  Additionally, the Miami-Dade school district saw dozens of attacks in the early days of the academic year.

Ransoms Have Been Paid Before 

The Wall Street Journal found that schools have paid ransoms ranging from $25,000 to more than $250,000 after determining the ransom would be less expensive than the cost of restructuring servers and postponing online learning.

The FBI advises against paying a ransom to hackers, saying it inspires them to go after other organizations, but acknowledges management may consider paying a ransom as their only option to avoid leaked proprietary data or a disruption in daily operations – or both!

Get a FREE Cyberhealth Check

Christian John Sales, Marketing Manager, Data-Guard 365

Data-Guard 365 is a MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and
other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide invincible cybersecurity for a price point that pays for itself.
www.Data-Guard365.com / (317) 967-6767 / info@data-guard365.com

Back to Articles/Blog  
Photo of Chris Zvirbulis, Chief Commercial Officer
Christopher Zvirbulis
Chief Commercial Officer, Partner