Open 24/7/365

We Have A Life-Time Warranty /
Guarantee On All Products. (Includes Parts And Labor)

Hacker Releases Information On Las Vegas-Area Students After Officials Don’t Pay Ransom

Clark County in Nevada is largest known school district hit by hackers during Covid-19 pandemic. Hacker Releases Information On Las Vegas-Area Students After Officials Don’t Pay Ransom

A hacker published documents containing Social Security numbers, student grades and other private information stolen from a large public-school district in Las Vegas after officials refused a ransom demanded in return for unlocking district computer servers.

The illegal release late last week of sensitive information from the Clark County School District in Las Vegas, with about 320,000 students, demonstrates an escalation in tactics for hackers who have taken advantage of schools heavily reliant on online learning and technology to run operations during the coronavirus pandemic. The release of the district’s information is being reported for the first time by The Wall Street Journal.

Hackers have attacked school districts and other institutions with sensitive information even before the pandemic, typically blocking users’ access to their own computer systems unless a ransom is paid. In those instances, the so-called ransomware crippled the district’s operations but hackers didn’t usually expose damaging information about students or employees.

“A big difference between this school year and last school year is they didn’t steal data, and this year they do,” said Brett Callow, a threat analyst for cybersecurity company Emsisoft, who said he was able to easily access the Clark County data on a hacker website. “If there’s no payment, they publish that stolen data online, and that has happened to multiple districts.”

Some districts have paid ransoms, with the Journal finding examples ranging from $25,000 to over $200,000, deciding that rebuilding servers is more costly and could delay learning for weeks. Consultants often advise districts that hackers generally have a good record of releasing control of the servers upon payment to entice others to pay in the future.

Administrators at Clark County, the largest school district known to be hit with ransomware since the pandemic began, provided a statement to the Journal on Monday, saying they will be individually notifying affected individuals as the district’s investigations continues. The district “values openness and transparency and will keep parents, employees and the public informed as new, verified information becomes available,” the statement said.

The district previously referred the Journal to a notice the district posted on Sept. 9.

The notice says that on Aug. 27, three days after school began online, certain files couldn’t be opened due to a virus later identified as ransomware. Some private information may have been accessed, the notice says, and advises individuals to review account statements and monitor credit reports for suspicious activity. District officials on Aug. 27 noted no problems to online learning platforms, in a Facebook post confirming there had been a data security incident.

The notice said that the district “notified law enforcement and began an investigation, which included working with third-party forensic investigators, to determine the full nature and scope of the incident and to secure the CCSD network.” The district said it was working to restore all systems to secure, full functionality.

Some parents demanded more information in response to the Aug. 27 Facebook post. “Our children’s security/safety should be #1 priority!!! Give us some peace of mind,” one wrote.

The Federal Bureau of Investigation doesn’t support paying a ransom, but says it understands that organizations faced with an inability to function will evaluate all options to protect employees and customers. The agency says paying a ransom emboldens hackers to target other organizations.

On Sept. 14, the hacker sent Clark County a warning by releasing on its website a file of stolen district information that looked to be nonsensitive, said Mr. Callow, who could see what the hacker had posted. However, late last week, Mr. Callow said, the hacker loaded files of a more sensitive nature, including employee Social Security numbers, addresses and retirement paperwork. For students, information released includes a data file with names, grades, birth dates, addresses and the school attended.

Mr. Callow said he didn’t need a password to access the information. He said that he found links to the stolen information on an area of the hacker’s site for “new clients,” as it calls the organizations it holds hostage. He added that the hacker indicated all the stolen Clark County data has been posted.

Clark County didn’t respond to questions about the amount of ransom sought by the hacker. It couldn’t be determined whether the district has regained access to its systems.

Rebecca Garcia, Nevada Parent-Teacher Association president who has three children in Clark County schools, said Monday after the Journal reported the data breach that some of her members are concerned they have yet to hear from the school district on the release of information.

“At this point moving forward, we need transparency, and we need to know what’s going to be done to address it, from a data security standpoint,” she said. “And as parents, what we need to be aware of in monitoring and tracking our students’ identities moving forward.”

School districts don’t always disclose ransomware attacks or payments, usually done in bitcoin or other cryptocurrencies, and the disclosure requirements vary by state. Some administrators say they just want to move on after being thrust into an unfamiliar world of shadowy criminals, cryptic notes in broken English and the dark web.

Ransom amounts are often negotiated. In Texas, the 10,000-student Sheldon Independent School District in Houston paid $206,931 in bitcoin from its reserve fund after being hacked in March, from an initial ransom amount of about $350,000, district officials said. The district said the attack rendered it inoperable and even threatened an upcoming paycheck distribution. Cyber insurance coverage paid for other costs related to the attack, such as a forensic review of the servers, according to the district.

“Oftentimes people wonder why we paid it,” said Sheldon Superintendent King R. Davis. “It was very important to us to keep moving forward.”

Coveware, a ransom negotiating firm, reported an increase in average ransom payments for all industries, up 60% to $178,254, in its second quarter ending in June. The firm says hackers had about a 99% rate of delivering a decryption tool to the hostage companies or organizations once the ransom was paid.

Hacker Releases Information On,Hacker Releases Information On,Hacker Releases Information On,Hacker Releases Information On,Hacker Releases Information On,Hacker Releases Information On,

Related Articles:

Russian Troll Farms Posing As African-American Support For Donald Trump

US Moves To Seize Cryptocurrency Accounts Linked To North Korean Heists

These Illicit SIM Cards Are Making Hacks Like Twitter’s Easier

Uber Exec Allegedly Concealed 2016 Hack With $100K BTC ‘Bug Bounty’ Pay-Off

Senate Panel’s Russia Probe Found Counterintelligence Risks In Trump’s 2016 Campaign

Bockchain Based Surveillance Camera Technology Detects Crime In Real-Time

Trump Bans TicToc For Violating Your Privacy Rights While Giving US-Based Firm Go Ahead (#GotBitcoin?)

Facebook Offers Money To Reel In TikTok Creators

How A Facebook Employee Helped Trump Win—But Switched Sides For 2020

Facebook Rebuffs Barr, Moves Ahead on Messaging Encryption

Facebook Ad Rates Fall As Coronavirus Undermines Ad Spending

Facebook Labels Trump Posts On Grounds That He’s Inciting Violence

Crypto Prediction Markets Face Competition From Facebook ‘Forecasts’ (#GotBitcoin?)

Coronavirus Is The Pin That Burst Facebook And Google Online Ads Business Bubble

OpenLibra Plans To Launch Permissionless Fork Of Facebook’s Stablecoin (#GotBitcoin?)

Facebook Warns Investors That Libra Stablecoin May Never Launch (#GotBitcoin?)

FTC Approves Roughly $5 Billion Facebook Settlement (#GotBitcoin?)

How Facebook Coin’s Big Corporate Backers Will Profit From Crypto

Facebook’s Libra Is Bad For African Americans (#GotBitcoin?)

A Monumental Fight Over Facebook’s Cryptocurrency Is Coming (#GotBitcoin?)

Alert! 540 Million Facebook Users’ Data Exposed On Amazon Servers (#GotBitcoin?)

Facebook Bug Potentially Exposed Unshared Photos of Up 6.8 Million Users (#GotBitcoin?)

Facebook Says Millions of Users’ Passwords Were Improperly Stored in Internal Systems (#GotBitcoin?)

Advertisers Allege Facebook Failed to Disclose Key Metric Error For More Than A Year (#GotBitcoin?)

Ad Agency CEO Calls On Marketers To Take Collective Stand Against Facebook (#GotBitcoin?)

Thieves Can Now Nab Your Data In A Few Minutes For A Few Bucks (#GotBitcoin?)

New Crypto Mining Malware Beapy Uses Leaked NSA Hacking Tools: Symantec Research (#GotBitcoin?)

Equifax, FICO Team Up To Sell Your Financial Data To Banks (#GotBitcoin?)

Cyber-Security Alert!: FEMA Leaked Data Of 2.3 Million Disaster Survivors (#GotBitcoin?)

DMV Hacked! Your Personal Records Are Now Being Transmitted To Croatia (#GotBitcoin?)

Lithuanian Man Pleads Guilty In $100 Million Fraud Against Google, Facebook (#GotBitcoin?)

Hack Alert! Buca Di Beppo, Owned By Earl Enterprises Suffers Data Breach Of 2M Cards (#GotBitcoin?)

SEC Hack Proves Bitcoin Has Better Data Security (#GotBitcoin?)

Maxine Waters (D., Calif.) Rises As Banking Industry’s Overseer (#GotBitcoin?)

FICO Plans Big Shift In Credit-Score Calculations, Potentially Boosting Millions of Borrowers (#GotBitcoin?)

Our Facebook Page

Your Questions And Comments Are Greatly Appreciated.

Monty H. & Carolyn A.

Go back

Leave a Reply