Ransomware attack ends with hackers releasing children’s private information

A ransomware attack has resulted in students’ mass doxing in Clark County, Nevada after the school district officials failed to meet the hackers’ demands.

The release included the release of private data and addresses of thousands of US students online, which is believed to be a case of ransomware attackers’ frustration after school failing to meet their demands. The attackers also released grades, social security numbers and some financial information of students, teachers and staff from the school district. The attack took place just a week after school started their online classes.

Ransomware attack in a school district

Cybersecurity specialist Brett Callow discovered the online data leak and indicated that the information was posted three weeks after the initial ransomware attack was first reported.

Ransomware attacks have become common and involve hackers encrypting data from their victims’ computers after a successful hack. The attackers then coerce their victims to pay a ransom if they want their information back. If their demands are not met, the hackers mostly threaten that they will continue holding victims’ data, leaking sensitive information online, or destroying data.

 The Clark County School District (CCSD) said that it was working to determine the damage’s full extent. They also indicated that they were getting in touch with the people affected to notify them of the ransomware attack and their private data’s online leak.

This year has seen a sharp increase in ransomware attacks instances, with IBM Security X-force, indicating that hackers were upping their demands, noting that they were demanding upwards of $40 million in some instances. The security report also noted that schools and universities had become the targets for these types of attacks, especially during online classes, where attackers were exploiting the systems to gain access to networks.

Insurance firm Coalition also indicated that there had been an uptick of cybersecurity claims this year, which ranged between $1,000 (£778) to $2m (£1.56m.), with data showing that this represented over 40 percent of all their cyber insurance claims. 


Featured image by Pixabay