On October 28, this site noted a report that Washington Central Unified Union School District in Vermont had been the victim of an as-yet-unconfirmed ransomware attack. The district has now issued a notification that makes clear that personal and health information of students and personnel may have been accessed or acquired.
Their announcement also indicates that measures that they had been taking to harden their security helped reduce some of the potential harm from the incident.
The elements of personal information of affected students compromised in the attack may have included:
name, address, date of birth, certain information in the student’s education records, and potentially allergy and prescription information in student files. Student Social Security numbers were not involved in the attack, nor were the credit or debit card number of parents or guardians.
The elements of personal information of teachers/staff and related individuals compromised in the attack may have included:
name, address, date of birth, health insurance numbers, Social Security Number, and in some instances financial account information.
As of the time of this publication, this incident has not shown up on any dedicated leak site by ransomware groups.
The district was in the process of trying to improve their data security prior to the breach:
Prior to the attack, the School District had been in the process of moving applications and files to cloud environments to enhance security, which substantially reduced the impact of this incident. In response to the attack and in an effort to prevent future attacks, the School District changed passwords, deployed an end point monitoring solution, and began the process of upgrading its virus and malware protections.
More information can be found on the district’s web site.