Frank Rizzo reports: Manhasset School District Acting Superintendent of Schools Gaurav Passi, at the Oct. 7 board of education meeting, said that the district may have been the victim of ransomware. “At this time we can confirm that we have discovered ransomware in our system,” Passi said. “And that the malicious actor—or threat actor, as…
Category: Education Sector
The Dallas Independent School District breach impacted almost 800,000, but details are still lacking
On September 3, this site reported on a breach involving Dallas ISD in Texas. As noted at the time, details were lacking. But now their external counsel has provided notification to the Maine Attorney General’s Office and so we now know more: The breach, which reportedly occurred on June 8, impacted 795,497 individuals. [Note that…
Two more ransomware attacks on the education sector revealed
In August, DataBreaches.net highlighted ransomware threat actors known as Pysa who have been attacking both the medical sector and the education sector — two sectors near and dear to this site’s publisher. Today, we report on two more school districts attacked by Pysa. Consolidated High School District 230 The Consolidated High School District 230 in…
Ransomware actor tries to pressure Allen ISD by emailing parents
Benjamin Freed reports: The malicious actors behind a ransomware attack against a school district in Texas attempted to extract payment this week with what one analyst said appears to be an entirely new tactic: emailing parents of students with a threat that if school officials do not pay up, their kids’ personal information may be…
CA: Lodi schools lose internet access due to ‘cyber security’ issue
Giacomo Luca reports: The Lodi Police Department is investigating a “cyber security” issue that knocked out internet access across the Lodi Unified School District, a school spokesperson said Monday. The issue has halted Wi-Fi and access to internet, e-mail, and the district’s websites, said Chelsea Vongehr, a spokesperson for Lodi Unified. Read more on ABC10.
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Amitai Ben Shushan Ehrlick reports: SentinelLabs has been tracking the activity of Agrius, a suspected Iranian threat actor operating in the Middle East, throughout 2020 and 2021 following a set of destructive attacks starting December 2020. Since we last reported on this threat actor in May 2020, Agrius lowered its profile and was not observed conducting destructive…