On Thursday, the Vice Society ransomware group claimed to have stolen sensitive data from Guildford County School, the latest British educational institution to be victimized. Hundreds of files, believed to have been taken from the school on January 19, were posted to the criminal group's leak site. Some of the filenames suggest that they contain safeguarding reports, which are internal documents that teachers write to record information about at-risk students. The school has not yet responded to questions about whether they are proactively informing staff and students that their information is being published online. Last week, the school confirmed that a cyberattack had caused their phone lines and IT systems to go down. A notice on the school website still states that their phones are down, and the extent of the breach was not specified in the initial statement. The school said that they had taken immediate action to limit data loss and were in contact with the UK's data protection regulator. The school remains open and lessons are still being taught. Vice Society has been behind a number of ransomware attacks targeting educational establishments in Britain and around the world. The criminals steal sensitive data and threaten to release it unless a ransom is paid. Recently, the BBC reported that confidential data stolen from 14 schools in the UK had been published by the group. The National Cyber Security Centre issued an alert in June 2021 warning of an increase in ransomware attacks against educational establishments in the UK, including schools, colleges, and universities. Ransomware attacks have also been a problem for US educational institutions, including recent incidents in the Los Angeles Unified School District and systems in Iowa and Massachusetts. The NCSC has continued to report an increase in attacks, and a survey found that schools are becoming better prepared for cyberattacks.
This Cyber News was published on therecord.media. Publication date: Thu, 02 Feb 2023 15:24:02 +0000