Hackers Stole School Data. The District Left Teachers in the Dark

Posted on by Dissent

More on the Tucson Unified School District ransomware attack by Royal. Jack Gillum reports:

Classrooms across Tucson, Arizona, were ravaged by ransomware in January that locked up computer systems and forced teachers to revamp lesson plans. Officials in southern Arizona’s largest school district tried assuring students and staff for weeks that, despite the cyberattack, sensitive data wasn’t stolen.

But Bloomberg News found that cybercriminals made off with gigabytes of files, containing tens of thousands of current and former employees’ Social Security numbers and other confidential records. They then uploaded the information in February to the dark web for anyone to access with an easily downloadable browser. The data were still accessible as recently as April 17.

Read more at Bloomberg.

As of this morning, Royal has leaked what they claim are a total of 57 GB of data stolen from TUSD.

On February 10, Royal claimed to have leaked 2% of the data stolen from TUSD.

Leaks of February 9 and February 17 dumped 5 GB and 52 GB respectively.
Images from Royal leak site show data dumps on February 9 (5 GB) and February 17 (52 GB). Redacted by DataBreaches.net.

Royal did not appear to update their listing after the second leak to reflect what percent of data has been leaked. Do they still have more?

Category: Education SectorMalwareU.S.