On June 15, DataBreaches reported that BlackCat threat actors had added Plainedge School District in New York to their dedicated leak site. At the time, BlackCat (aka ALPHV) only offered a few files as proof but warned more data would be leaked if they did not hear from the district.
The threat actors subsequently dumped more than 30 GB of files, including a cybersecurity analysis and report prepared for the district in February 2021. Whether the district had addressed any and all critical vulnerabilities in the report or whether BlackCat exploited any of them is unknown to DataBreaches at this time.
Dandan Zou of Newsday reports that through a Freedom of Information request to the NYS Education Department, Newsday learned that the breach involved 99 employees’ names, phone numbers, emails and ID numbers.
Read more at Newsday.