Providence not alone among hacked school districts
by BRIAN CRANDALL, NBC 10 NEWS
(WJAR) — Ransomware attacks on school districts, like the one Providence Public Schools may be facing, are not uncommon.
And the leak of sensitive information can be devastating.
The hackers’ apparent deadline for Providence to pay up passed on Wednesday.
“If they didn’t pay a ransom, then that data is probably up for sale on the dark web somewhere,” said Paul Bischoff, editor at Comparitech that tracks and writes about data breaches and ransomware attacks.
Bischoff reported last week that the ransomware gang Medusa claimed responsibility for the Providence School hack, and wanted a million dollar ransom.
Medusa posted a countdown clock for the ransom payment on a web post.
A letter from Superintendent Javier Montanez Wednesday acknowledged a hack for the first time, stating, “an unverified, anonymous group has claimed that they have PPSD files. While we cannot confirm the authenticity of these files and verify their claims, there could be concerns that these alleged documents could contain personal information.”
The letter came two weeks after the district was alerted to irregular activity on its network.
And the district had not said much since it happened.
“That’s also pretty common. Schools that get hacked are pretty quiet and reluctant to share a lot of details,” Bischoff told NBC10, adding that hacking victims often fear releasing details will lead to more cyber attacks.
One of the most damaging examples is a Medusa ransomware attack on Minneapolis schools last year, which led to sensitive documents being leaked on the dark web.
According to reports, student health and discipline reports, allegations against staff members, and security plans were among the thousands of breached documents posted online, leading to months of fallout.
The amount of data stolen there is less than what Medusa claimed to have from Providence Schools.
Comparitech tracked 34 cyber attacks on schools from the beginning of this year through July, a slower pace than the 121 school hacks last year.
- RELATED: As Providence Public Schools deals with unauthorized network access, few details are released
Why are school districts targets for hackers?
“It’s low hanging fruit. That’s the case with most of these profit-driven ransomware gangs, is that they’re just looking for places that are easy to hack. And schools, unfortunately, have a lot of aging IT infrastructure,” Bischoff said.
Asked by NBC 10 for an update Thursday, Providence Public Schools spokesman Jay Wegimont wrote, “at this time we are still gathering more information and are conducting an analysis that will provide us greater clarity on what may have occurred, what may have been impacted, and what actions may need to be taken.”