Rhysida claims to have attacked Paris High School in Illinois

Schools continue to be an attractive and all-too-easy target for criminal groups. This week, Rhysida threat actors added Paris High School in Illinois to their leak site as an “auction” item:

"Get ready for a week-long online auction extravaganza! With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data. Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner! Write your email, price, and the interested item. We will contact you soon. " — *“Auction” listing on Rhysida site. Image: DataBreaches.net*

There is nothing on the district’s website to indicate any problems or breach. The only possible indicator currently found was on the district’s Facebook page in the form of a May 22 notice that their phone systems were down. There do not seem to be any follow-up posts to that although there were other posts about graduation and other normal activities.

Our phone system is currently down. Our team is working to resolve the issue. — May 22 Facebook post by the district. Image: DataBreaches.net.

DataBreaches notes that Rhysida appeared to offer some proof of claims as a collage of files and images from files that they presumably exfiltrated.