Confidential data from 14 UK schools has been leaked online by hackers following attacks that took place in 2022.
The leaked documents include children’s SEN information, pupil passport scans, staff pay scales and contract details. The information was leaked after the impacted schools refused to pay the attackers ransom demands.
The attacks and leaks were believed to be perpetrated by the threat actor Vice Society, which has conducted numerous ransomware and extortion campaigns targeting education institutions in the UK and US.
In October 2022, the Los Angeles Unified School District (LAUSD) warned that Vice Society had begun posting data it stole from the institution. This followed LAUSD announcing that it would not be paying its extorters.
Many of the 14 UK schools affected have provided an update on the incident to parents, pupils and staff.
The schools impacted by the new leak are: Carmel College, St Helens; Durham Johnston Comprehensive School; Frances King School of English, London/Dublin; Gateway College, Hamilton, Leicester; Holy Family RC + CE College, Heywood; Lampton School, Hounslow, London; Mossbourne Federation, London; Pilton Community College, Barnstaple; Samuel Ryder Academy, St Albans; School of Oriental and African Studies, London; St Paul’s Catholic College, Sunbury-on-Thames; Test Valley School, Stockbridge; The De Montford School, Evesham.
The education sector has been heavily targeted by ransomware in the past few years. A report published by Sophos in July 2022 found that 56% of lower education institutions had been hit by ransomware in the previous year, along with 64% of higher education bodies.
Schools and universities appear to be viewed as a ‘soft target’ by cyber-criminals due to factors such as a lack of cybersecurity investment and vast numbers of devices connecting to their systems, putting sensitive personal and research data at risk.
Commenting, Achi Lewis, area VP EMEA for Absolute Software said: “The education sector is a lucrative target for malicious cyber-criminals due to the large volume of sensitive data stored on school and university systems. As a result, ransomware attacks are a case of when, not if, which demands educational institutions to ensure they are prepared to both prevent and respond to these attacks, else they risk having documents stolen and leaked.”
Keiron Holyome, VP UKI and emerging markets at BlackBerry emphasized the importance of strengthening endpoint security in the education sector to counter the ransomware menace. “To ensure the continuity of education, especially in the context of remote learning, we encourage the government to invest in cybersecurity for the education sector, considering the impact on individuals’ wellbeing and ensure security, productivity and user experience. If these devices become infected with a virus or malware, they can expose sensitive personal information that students share during the learning process,” he explained.