A hacker has released the private data of thousands of students of Clark County School District after school district officials refused a ransom demand. The information released by the hacker contained student grades, social security numbers, and other private information. The private data was stolen last month from the public school district in Las Vegas by using some ransomware. The private data of around 320,000 students have been made public. This highlights a dangerous trend being adopted by hackers. They are taking advantage of the situation at a time when schools are heavily dependent on online technology to run classes during the coronavirus pandemic.
Some hackers had attacked some institutions, including school districts, with sensitive information even before the coronavirus pandemic hit. They typically blocked users from accessing their own computer systems unless paid ransom. But hackers have usually restrained from releasing damaging information about employees and students. Threat analyst Brett Callow said that he was easily able to access data of students of Clark County School District on a hacker website. Last year, hackers didn’t steal data from the school. But this time they not only stole it but also publish it when refused ransom. Callow said that this happened to multiple districts. Some districts have agreed to pay ransoms ranging from USD 25,000 to USD 200,000. They decided to do so as the cost of rebuilding servers is much more costly and also delay learning for weeks.
They agreed to pay ransoms because consultants often advise that hackers have a good record of releasing control after payment as they want to entice others in doing the same. Clark County School District, the largest public school district in Las Vegas, has so far refused to comment on the date release. The Federal Bureau of Investigation (FBI) does not support the idea of paying the ransom but says that it can understand the problem faced by organizations.
