In April, the Royal ransomware gang added Lake Dallas Independent School District in Texas to its leak site. Quoting the district’s description of itself, the attackers commented:
Lake Dallas Independent School District has a vibrant, growing student population, an excellent array of programs, a strong curriculum, and a progressive, innovative atmosphere. Seems like everything is on the best level but its not. Gygabytes of students’ and their staff personal information is not a thing to worry about. A few hundreds of SSNs and array of passport information will be available here on Monday. This is the result of being non-progressive in cybersecurity.
Enjoy!
But no data was provided as any proof of claims, and by May 4, no data had been leaked.
If there ever was a notice about the breach on the district’s website, it was not visible today from the home page. Today, however, the district provided notification to the Texas Attorney General’s Office that 21,982 Texas residents had been affected by a breach and that individuals were being notified by U.S. mail. The types of information involved included:
Name of individual; Address;Social Security Number Information; Driver’s License number; Government-issued ID number (e.g. passport, state ID card); Financial Information (e.g. account number, credit or debit card number); Medical Information; Health Insurance Information
Texas does not upload the actual notification templates so it is not clear whether the number reported is for employees, employees and students, or something else. In fact, the Texas AG site doesn’t even indicate that this was a ransomware attack or the Royal incident, but it seems likely.
If any reader received a copy of the letter, please send it to breaches[at]protonmail.ch.
It looks like a small district, so I’d assume most of 20k+ would be students.
Or they storied employee information going back years as well…. hard to tell.