Waverley Christian College, a prominent educational institution in Victoria, Australia, has recently confirmed it was the victim of a ransomware attack. The attack, attributed to the Fog ransomware group, took place in December 2024. According to the gang’s claims, the attackers successfully stole five gigabytes of sensitive data from the college, which reportedly includes financial records, internal communications, and other private files. The data was posted on the group’s darknet leak site, although no ransom demand or deadline for releasing the information has been issued.
In response to the incident, Waverley Christian College has assured its community that it is investigating the attack with the help of external cybersecurity experts. A spokesperson for the school stated that while the attack impacted a limited amount of data, primarily related to business operations, a detailed review is ongoing to determine the full extent of the breach. The college has committed to notifying any affected individuals and providing necessary support.
As part of its response, the college has notified both the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC), as required. The institution emphasized that it takes cybersecurity very seriously and is doing everything possible to mitigate the impact of the attack. Furthermore, the college has expressed its gratitude to students, staff, and the broader community for their support during this challenging time.
The Fog ransomware group, responsible for the attack, is relatively new in the cybercrime scene, having emerged in May 2024. The group is known for exploiting compromised VPN credentials for initial access and has particularly targeted the education sector. The group’s technical proficiency allows them to move quickly through networks, often completing the stages of data exfiltration and encryption within hours. Fog ransomware is believed to operate out of Eastern Europe, with its members likely speaking English as a second language.
Reference:
