medusa attacks Minneapolis Public Schools

Date:

March 9, 2023

World map

Overview

Title

medusa attacks Minneapolis Public Schools

Victim

Minneapolis Public Schools

Attacker

medusa

Location

Minneapolis, USA

Minneapolis, Minnesota

Size of Attack

Unknown/TBD

First Reported

March 9, 2023

Last Updated

October 31, 2022

Minneapolis Public Schools are facing a March 17 deadline to pay a million-dollar ransom demand after attackers posted sensitive data that was exfiltrated as leverage in a ransomware attack. The Medusa ransomware gang has claimed responsibility for the attack that has caused widespread disruptions to the district’s operations. The attackers posted a video online to prove they have the stolen data in hand and are prepared to leak it if the ransom demand is not met.  

“A preliminary review of the gang’s dark web leak site by The 74 suggest the compromised files include a significant volume of sensitive documents, including records related to student sexual violence allegations, district finances, student discipline, special education, civil rights investigations, student maltreatment and sex offender notifications,” reports noted.

Takeaway: Ransomware groups continue to prove they are ruthless, heartless criminals with zero consciences. They continue to victimize organizations in education and healthcare simply because they are easy targets.  These sectors usually lack the appropriate budgets and staff to maintain a reasonable security posture. Despite available grant money or technology donations from big companies, these organizations likely lack the staff to properly manage and protect their infrastructure.  

Even if the attack is easily resolved, students whose personal information was stolen may continue to be at risk of identity theft and financial fraud into the unforeseeable future. Ransomware attacks and data exfiltration will continue unabated until profit motives are eliminated.  

To protect themselves, EDU organizations must reevaluate what kinds of data they collect and store, for how long and pinpoint where it’s stored. They continue to keep legacy student data that is no longer relevant or needed. Eliminating unnecessary data will make EDU organizations a less attractive target to attackers, thus, minimizing potential threats.

Updates: (descending from most recent)

Minneapolis Public Schools are facing a March 17 deadline to pay a million-dollar ransom demand after attackers posted sensitive data that was exfiltrated...

Oh no!

This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.

Attack reported by

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.

clop attacks Virgin Group
Date
March 23, 2023
Ransomware group
clop
Location

London, United Kingdom

, United Kingdom

Industry
Transportation & Warehousing
Victim
Virgin Group
clop attacks Virgin Group
Date
March 23, 2023
Ransomware group
clop
Location

London, United Kingdom

, United Kingdom

Industry
Transportation & Warehousing
Victim
Virgin Group
clop attacks Saks Fifth Avenue
Date
March 21, 2023
Ransomware group
clop
Location

New York, USA

New York, USA

Industry
Retail Trade
Victim
Saks Fifth Avenue
clop attacks Saks Fifth Avenue
Date
March 21, 2023
Ransomware group
clop
Location

New York, USA

New York, USA

Industry
Retail Trade
Victim
Saks Fifth Avenue
Ferrari Attacked
Date
March 20, 2023
Ransomware group
Unknown
Location

Maranello, Italy

, Italy

Industry
Manufacturing
Victim
Ferrari
Ferrari Attacked
Date
March 20, 2023
Ransomware group
Unknown
Location

Maranello, Italy

, Italy

Industry
Manufacturing
Victim
Ferrari
lockbit attacks SpaceX
Date
March 15, 2023
Ransomware group
lockbit
Location

Hawthorne, USA

California, USA

Industry
Manufacturing
Victim
SpaceX
lockbit attacks SpaceX
Date
March 15, 2023
Ransomware group
lockbit
Location

Hawthorne, USA

California, USA

Industry
Manufacturing
Victim
SpaceX
alphv attacks Ring
Date
March 14, 2023
Ransomware group
alphv
Location

Santa Monica, USA

CA, USA

Industry
Information & Technology
Victim
Ring
alphv attacks Ring
Date
March 14, 2023
Ransomware group
alphv
Location

Santa Monica, USA

CA, USA

Industry
Information & Technology
Victim
Ring
medusa attacks Minneapolis Public Schools
Date
March 9, 2023
Ransomware group
medusa
Location

Minneapolis, USA

Minnesota, USA

Industry
Education
Victim
Minneapolis Public Schools
medusa attacks Minneapolis Public Schools
Date
March 9, 2023
Ransomware group
medusa
Location

Minneapolis, USA

Minnesota, USA

Industry
Education
Victim
Minneapolis Public Schools
IceFire Ransomware Targeting Linux Distributions
Date
March 9, 2023
Ransomware group
icefire
Location

, USA

, USA

Industry
Information & Technology
Victim
Linux Systems
IceFire Ransomware Targeting Linux Distributions
Date
March 9, 2023
Ransomware group
icefire
Location

, USA

, USA

Industry
Information & Technology
Victim
Linux Systems
lockbit3 attacks Indigo.ca
Date
February 28, 2023
Ransomware group
lockbit3
Location

Toronto, Canada

, Canada

Industry
Arts, Entertainment & Recreation
Victim
Indigo.ca
lockbit3 attacks Indigo.ca
Date
February 28, 2023
Ransomware group
lockbit3
Location

Toronto, Canada

, Canada

Industry
Arts, Entertainment & Recreation
Victim
Indigo.ca
Ransomware Attack on California Healthcare Provider Impacts 3.3 Million
Date
February 23, 2023
Ransomware group
Unknown
Location

Temecula, USA

California, USA

Industry
Healthcare
Victim
Regal Medical Group
Ransomware Attack on California Healthcare Provider Impacts 3.3 Million
Date
February 23, 2023
Ransomware group
Unknown
Location

Temecula, USA

California, USA

Industry
Healthcare
Victim
Regal Medical Group
HHS Alerts on Cl0p Ransomware Following GoAnywhere MFT Exploits
Date
February 23, 2023
Ransomware group
clop
Location

Washington, D.C., USA

, USA

Industry
Healthcare
Victim
Department of Health and Human Services
HHS Alerts on Cl0p Ransomware Following GoAnywhere MFT Exploits
Date
February 23, 2023
Ransomware group
clop
Location

Washington, D.C., USA

, USA

Industry
Healthcare
Victim
Department of Health and Human Services