Sensitive data from 14 UK schools was exfiltrated online by hackers after an attack in 2022.
The leaked documents included children’s SEN information, student passport scans, staff payroll, and contract details. The information was leaked after the affected school refused to pay the attacker’s ransom demand.
The attack and leak were believed to have been carried out by threat actor Vice Society. Vice Society has conducted numerous ransomware and extortion campaigns targeting educational institutions in the UK and US.
In October 2022, the Los Angeles Unified School District (LAUSD) warned that the Vice Society had begun posting data stolen from the institution. This followed LAUSD’s announcement that it would not pay extortionists.
Many of the 14 UK schools affected have provided parents, students and staff with updates on the incident.
The schools affected by the new leak are: Carmel College of St Helens. Durham Johnston Comprehensive School. Francis King School of English, London/Dublin. Gateway College, Hamilton, Leicester. Holy Family RC + CE College, Heywood. Rampton School, Hounslow, London. Mothborne Federation, London. Pilton Community College, Barnstaple. Samuel Ryder Academy, St Albans. School of Oriental and African Studies, London. St Paul’s Catholic College, Sunbury-on-Thames. Test Valley School, Stockbridge. De Montford School, Evesham.
The education sector has been the target of ransomware for several years. In July 2022, he said, according to a report published by Sophos, 56% of secondary education institutions were hit by ransomware in the previous year, and 64% of tertiary institutions were hit.
Schools and universities are underinvested in cybersecurity, and factors such as the sheer number of devices connecting to their systems put sensitive personal and research data at risk. It seems to be considered a “soft target” for cybercriminals.
Achi Lewis, Absolute Software’s EMEA Area VP, said: As a result, ransomware attacks occur occasionally and not when educational institutions need to ensure they are prepared to prevent and respond to these attacks.
Keiron Holyome, Vice President of UKI and Emerging Markets at BlackBerry, emphasized the importance of strengthening endpoint security in the education sector to combat the threat of ransomware. “To ensure continuity of education, especially in the context of distance learning, governments should invest in cybersecurity in the education sector while considering the impact on individual well-being and ensuring security, productivity and user experience. If these devices become infected with viruses or malware, they may expose sensitive personal information that students share during the learning process,” he explained.
