On October 12, WXYZ reported that Walled Lake Consolidated Schools in Michigan had suffered an attack that impacted their systems:
The superintendent sent an email out Sunday night saying email cannot be sent or received, and internet access, along with access to network drives, is down.
Skyward Family Access, where parents can see their child’s grades, attendance, lunch payment and balance information, is also down.
The text of the district’s email to parents was posted by ClickonDetroit that same day. The email acknowledges the hack and that there had been access, although the full scope was not yet understood:
What we have learned is that the attackers were successful in gaining access to our system and that there is the possibility that credential and other information was available to them. Unfortunately, we do not have any specifics at this point but we will certainly keep you updated as we receive additional information.
Four days later, threat actors known as DoppelPaymer added the district to their leak site where they post the names of victims who have not paid their rans
Now the threat actors have updated the listing and posted two files as proof of access to the district’s systems. Both files contain district files that contain monitoring or audit type reports, but both also contain files with identifiable student information such as absentee lists, membership of students in the district’s alpha program and the names of students in the district’s dropout recovery program.
Looking at the data — but not attempting to contact any of the students or their families — DataBreaches.net believes that the files are almost certainly real.
The only comment the threat actors make in conjunction with dumping the two files as proof, is:
They do say we have no their data. Looks like wrong a bit. Guess the dialog guy did not finished school himself.
DataBreaches.net has sent email inquiries to Superintendent Kenneth Gutman
and Deputy Superintendent Christopher J. Delgado, Ph.D. to ask what the district is doing in response to the dumping of personal information. This post will be updated when a response is received.
Update of October 28: No response has been received from the district, but a copy of a letter they sent to parents was published online today by ClickonDetroit.