hiveleak attacks Wootton Upper School
Incident Date:
August 18, 2022
Overview
Title
hiveleak attacks Wootton Upper School
Victim
Wootton Upper School
Attacker
Hiveleak
Location
First Reported
August 18, 2022
Wootton Upper School Targeted by Hive Ransomware Group
Victim Profile
Wootton Upper School is part of the Wootton Academy Trust, which operates in the education sector. The school's website provides information about the school's mission, values, and facilities. The school is known for its commitment to providing a high-quality education and fostering a supportive learning environment.
Vulnerabilities and Impact
The Hive ransomware group claimed to have breached the Trust's network several weeks ago and obtained sensitive data, including home addresses, bank details, medical records, and students' psychological reviews. The group threatened to release this data if the Trust did not pay the ransom. The attack disrupted the school's operations, affecting scheduling for next year and the production of some grade sheets.
The Trust has reported the incident to the Information Commissioner's Office and the police. The school's executive principal, Michael Gleeson, has confirmed the attack and is working with specialist third-party experts to rebuild the IT system. The Trust has also engaged its insurer to assist with minimizing disruption.
Hive Ransomware Group
Hive is a Russian-speaking ransomware-as-a-service gang that has been active since June 2021. The group has targeted over 350 victims, including organizations in the private and public sectors. Hive is known for its aggressive tactics and has been particularly active in the healthcare sector. The group has reportedly demanded large ransoms, such as $50m in Bitcoin from European consumer electronics retailer MediaMarkt.
The Hive ransomware group's attack on Wootton Upper School highlights the increasing threat of cybercrime in the education sector. Despite the disruption caused by the attack, the school is taking steps to rebuild its IT system and investigate the extent of the data breach. The incident serves as a reminder for schools and educational institutions to prioritize cybersecurity measures to protect sensitive data and mitigate the risks of ransomware attacks.
Sources
- The Record: Ransomware group demands £500,000 from British schools, citing cyber insurance policy
- teiss: Wootton Upper School presented a £500,000 ransom note by the Hive ransomware group
- Infosecurity Magazine: Ransomware Group Demands £500,000 From School
- Tech Monitor: Hive demands £500k from Wootton Academy Trust in ransomware attack
- Bedford Today: Cyber hackers threaten Bedford school, demanding '£500k or else'
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.