It sounds like yet another K-12 school district has fallen prey to a cyberattack that it never successfully detected or thwarted quickly. SuspectFile reports:
The Fowler Elementary School District, located in Phoenix, Arizona, has reportedly fallen victim to a cyberattack involving what may be a substantial volume of sensitive data. The incident was claimed by the Interlock ransomware group, which published its announcement on May 3, 2025, through a post on its blog hosted within the Tor network. According to the cybercriminals’ own statement, the operation allegedly led to the exfiltration of approximately 400 gigabytes of data, which they claim includes highly confidential information related to students, employees, and administrative personnel.
InterLock reportedly leaked a file tree with 60,000 lines and other proof of claims. SuspectFile notes:
The attackers claim to have accessed a wide range of personally identifiable and sensitive information. According to Interlock, this includes full names of students and staff, dates of birth, residential addresses, Social Security Numbers (SSNs), medical records, insurance information, payroll data, administrative documents, student ID numbers, and guardian names. If verified, the exposure of such data would represent a significant threat to the privacy and security of those potentially affected.
Read more at SuspectFile.
As they report, the district does not appear to have posted anything on its website or Facebook page about any attack. Their Facebook page was last updated on April 29 with a cheery note about 18 days left in the school year.
Fowler is not the first school district to have been hit by InterLock, and at least two other districts hit by InterLock both had suffered encryption of systems. Whether that is true in this case remains to be learned. InterLock also recently leaked data allegedly from Madison Schools in Arizona.