A May 1 announcement by PENNCREST School District in Pennsylvania begins:
Over the weekend, the PENNCREST School District became aware of a situation, believed to be a ransomware event, which has disrupted certain aspects of our operations. We quickly took steps to implement our Cybersecurity Incident Response Plan. Following our plan, we shut down and disconnected the entire network and technology infrastructure. We are now working diligently with external cybersecurity specialists to conduct a thorough forensic investigation into the nature and scope of the event and to securely restore operations. At this time, we have not identified evidence of any data loss, data access, or data theft as a result of this event.
Although their notice does not specifically mention Royal ransomware, the filename of their statement does:
As of publication time, Penncrest does not appear on Royal’s leak site.