Two more school districts have shown up on dark web leak sites today.
Pineland Schools
Pineland Schools in Vineland, New Jersey, was added to LockBit’s site with some files as proof of claim.
LockBit claims to have 64GB of data they will dump on April 18 (tomorrow).
The screencaps provided as proof include an image of a directory that would likely contain a lot of personal information on both students and personnel (233 GB), but if LockBit is claiming they exfiltrated 64 GB, then they did not get all the data represented in that screencap.
LockBit’s listing does not indicate what their ransom demand amount is.
Uniondale Union Free School District
Uniondale Union Free School District (UUFSD) in New York was added to Medusa’s leak site today with some files leaked and a threat to leak more data in 9 days from now. Medusa offers three options: people can pay $1,000 to add one day to the deadline, or they can pay $1,000,000 to delete all the data either or download all the data.
Medusa, which has already developed a reputation for demanding high ransoms, may wish to do a reality check if they think a small district that is almost 100% minority enrollment that spends more per student than it gets in revenue is going to pay 1 million dollars.
Neither Pineland Schools’ nor UUFSD’s website appeared to have any notice about any incident. DataBreaches sent email inquiries to both districts asking whether the attackers locked files and what the communities have done in response to their respective incidents. No replies were immediately received.