DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Six months after TheDarkOverlord attacked their district, School District 6 sends breach notification letters to parents

Posted on March 20, 2018 by Dissent

More than six months after the hacker or hackers known as TheDarkOverlord hacked and terrorized School District 6 in Columbia Falls, Montana, the district has sent parents breach notification letters revealing what they were able – and not able – to determine.

Three versions of the March 19th letter, marked “Draft” and signed by Superintendent Steven Bradshaw, were submitted to the state. The versions vary in terms of what kinds of student data they report may have been accessed. Of note, the letters make clear that the forensic examiners could not determine whether student data was actually accessed or nor, and if it was accessed, whether any data was exfiltrated. That statement was also repeated to DataBreaches.net by the superintendent when we spoke recently about the hack and its aftermath.

One version of the letter explained that:

On January 31, 2018, the District concluded its investigation into the nature and extent of the incident as it related to students’ information, including the identification of potentially affected students, as a result of unauthorized access to a District server as part of the cyber extortion incident.

The District Administration Office maintained a database containing certain student records that included your child’s name and health-related information associated with their Individualized Education Program or visit to the District nurse’s office. The forensic investigation could not rule out the possibility that the perpetrators were able to access this database. Note that this incident did not involve your child’s Social Security number.

Even though, to date, we have no evidence that your child’s information in the database containing student records was accessed by the perpetrators, or has been misused as a result of this incident, we are notifying you out of an abundance of caution and assure you that we take this matter very seriously.

A second version of the letter was sent to parents of students whose name and Social Security number, but not health information, may have been accessed. And a third version was sent to parents of students who health information, name, and SSN may have been accessed.

Parents receiving the second or third versions were offered one year of complimentary services with an Experian product for their children.

The firm hired to do the forensics was not named in the notification letter, but given that the hackers appear to have quoted material about students in their ransom letter (material that was redacted before the ransom letter was made public), it would seem obvious that not only did they have access to some server(s), but they also accessed and exfiltrated at least some data. Indeed, in statements to DataBreaches.net, the hacker(s) routinely claim how when they hack an entity, they get “everything.”

Notification letter.

Related posts:

  • k-12 school districts fall prey to Pysa ransomware
  • Forbes Breach Email Statistics
  • Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
  • Hackers escalate: leak 200k CCSD students’ data; claim to still have access to CCSD email system
Category: Breach IncidentsCommentaries and AnalysesEducation SectorHackU.S.

Post navigation

← Former nursing home employee admits stealing residents’ credit card numbers
OCR investigating Banner Health’s 2016 data breach →

5 thoughts on “Six months after TheDarkOverlord attacked their district, School District 6 sends breach notification letters to parents”

  1. Anonymous says:
    March 21, 2018 at 4:33 am

    Sounds.. disingenuous.

    1. Dissent says:
      March 21, 2018 at 8:53 am

      You think the district is lying? At this point, why would they lie to parents about what data the hackers may have acquired?

  2. Anonymous says:
    March 22, 2018 at 11:04 am

    I don’t understand why it is a big deal that it is being noted 6 months after the fact?
    Isn’t better late than never better outcome?

    1. Dissent says:
      March 22, 2018 at 11:17 am

      It took them 6 months to get it to that point. That IS a big deal as it shows how much of a major hassle that attack turned out to be. You are implying criticism where there was none.

  3. Anonymous says:
    March 22, 2018 at 1:29 pm

    I wasn’t trying to imply criticism. I was thinking about all of the unknowns and if they were actually doing something During that 6 months.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.