lockbit2 attacks Sapulpa Public Schools

Incident Date:

March 3, 2022

World map



lockbit2 attacks Sapulpa Public Schools


Sapulpa Public Schools




Sapulpa, USA

Oklahoma, USA

First Reported

March 3, 2022

Ransomware Attack on Sapulpa Public Schools

Sapulpa Public Schools, a Pre-K-12 district located in Sapulpa, Oklahoma, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site. The district operates in the Education sector and has been affected by the ransomware attack, which has disrupted their network and server operations.

Sapulpa Public Schools is a mid-sized district with 27 schools. The district is known for its commitment to academic excellence in a caring environment. Despite the attack, the school year is scheduled to begin on August 21, 2024, as planned.

The district has not disclosed the type of ransomware used in the attack or the ransom amount demanded. Ransom demands have varied widely, ranging from a few hundred dollars to hundreds of thousands of dollars, typically requested in the form of cryptocurrency. The district has notified the FBI of the attack and has not indicated whether they plan to pay the ransom.

The attack on Sapulpa Public Schools is part of a growing trend of ransomware attacks targeting schools, universities, and local governments. The district has been working with cybersecurity experts to address the issue.

Vulnerabilities and Mitigation

Ransomware attacks can exploit vulnerabilities in outdated software, unpatched systems, and weak passwords. To mitigate the risk of ransomware attacks, organizations should:

  • Regularly update software and systems.
  • Implement strong password policies.
  • Conduct regular security audits.
  • Train employees on cybersecurity best practices.
  • Back up data regularly and test recovery procedures.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.