After a massive ransomware attack at the end of February, students and teachers in the Minneapolis Public Schools (MPS) school district had highly sensitive information about themselves published on the web, including allegations of abuse by teachers and psychological reports. It was done.
MPS initially refused to pay the $1 million ransom to the blackmailers and said it had successfully restored its encrypted systems via backups.
However, the Medusa hacking group, which sought to blackmail MPS, not only encrypted the district’s data, but also stole its own copy of the data, which it eventually published on the internet and advertised through a link on its Telegram channel.
In all, about 100 GB of data, claimed to be from the MPS district, was published on the public internet along with video summaries showing some of the content.
NBC News Some of the people who examined some files were amazed at what they found.
Published data included:
- the name and date of birth of any child with special needs,
- details of their home life and obstacles,
- Intelligence test results
- Details of any medications they may be taking.
But that wasn’t the only confidential data. According to reports, the leak also uncovered reports of abuse.
“The leaked files also contain hundreds of forms documenting the times faculty and staff learned that a student may have been abused. Some are very confidential and allege incidents, such as a student being sexually abused by a teacher or another student.Each report contains contains the victim’s name, date of birth and address.
moreover, NBC News described a leaked report detailing allegations of sexual abuse involving the named individual and a teacher who allegedly had a romantic relationship with a student.
Of course, all this is scary. However, the fact that the data stolen by the hacking group Medusa does not follow the traditional method of being published on dark web leak sites, is published on traditional websites that do not require specialized tools like Tor. The situation is getting worse. that.
Posts bragging about hacks and pointing out leaked websites have been published on social media, increasing the chances of highly damaging information being seen by a wider audience.
MPS says it’s trying to remove the leaked data from these public web pages, but they’re still available, at least for now.
It’s clear that the Medusa group revels in the chaos it’s causing, and feels no guilt about the impact it’s having on vulnerable and innocent young people.
While some ransomware gangs have even apologized or offered free decryption tools after hacking schools, others have no qualms about the damage their attacks could cause. It is clear that many criminal groups exist.
