RansomHub, a notorious hacking group, targeted Riverdale Country School, a prestigious private school in the Bronx, with ransomware. The attack resulted in the leak of sensitive data, including personally identifiable information (PII) of students, parents, and faculty. The group posted the stolen information on the dark web after a countdown expired, showcasing their failure to comply with RansomHub’s demands. This data breach exposed a large volume of confidential information, including medical and contact details, to public access.
The breach, which occurred earlier this month, was highlighted on February 20, when RansomHub announced its attack.
After the group published a countdown, it gave the school over five days to meet its ransom demands. Following the expiration of the countdown, the group uploaded a 42 GB file to the dark web, marking the data as “Published.” By March 5, the data had been accessed over 4,000 times, making it clear that it was being downloaded and shared by nefarious actors.
Cybersecurity expert Luke Connolly explained that the public release of the data suggested the school had refused to comply with the ransom demand.
He noted that cybercriminals rarely honor their promise to delete data after receiving payment. Connolly also warned that paying ransoms only fuels the continued operation of cybercrime groups, as it provides financial support for future attacks. He urged organizations not to give in to the pressure to pay, as it encourages further criminal activity.
This attack highlights the growing problem of ransomware affecting schools and other institutions. Riverdale Country School’s breach comes amid a rise in attacks on educational institutions and organizations like PowerSchool. The leak has raised questions about how private schools, which are not always covered by federal privacy laws, are vulnerable to such breaches. Experts stress that schools must improve their cybersecurity measures to avoid being targeted by increasingly sophisticated cybercriminal groups.
Reference: