Medusa Ransomware Hits St. Thomas Aquinas High School
Incident Date:
July 31, 2024
Overview
Title
Medusa Ransomware Hits St. Thomas Aquinas High School
Victim
St. Thomas Aquinas High School
Attacker
Medusa
Location
First Reported
July 31, 2024
Medusa Ransomware Group Targets St. Thomas Aquinas High School
St. Thomas Aquinas High School (STA), a prestigious Roman Catholic, co-educational, college preparatory institution in Fort Lauderdale, Florida, has become the latest victim of a ransomware attack by the notorious Medusa group. The attack has resulted in a significant data breach, with 103.8 GB of sensitive information reportedly leaked.
About St. Thomas Aquinas High School
Founded in 1936, STA serves 2,420 students and employs 257 staff members on its 25-acre campus. The school is renowned for its academic and athletic excellence, emphasizing a holistic approach to education that integrates faith, community service, and personal development. STA's commitment to educational excellence and its strong Catholic identity have earned it national recognition, including the Terrel H. Bell Award for Outstanding School Leadership received by Principal Denise Aloma in 2022.
Attack Overview
The ransomware attack on STA was orchestrated by the Medusa group, which has claimed responsibility via their dark web leak site. The breach has exposed a substantial amount of sensitive data, impacting both students and staff. The school's corporate office, located at 2801 SW 12th St, Fort Lauderdale, Florida, is currently addressing the ramifications of this cyber assault.
Medusa Ransomware Group Profile
Medusa is a ransomware group that emerged in late 2022 and operates as a Ransomware-as-a-Service (RaaS) platform. The group has been involved in various high-profile attacks across multiple sectors globally, including education, healthcare, and government services. Medusa's ransomware is designed to disable numerous applications and services, making detection and mitigation challenging. The group is known for demanding substantial ransoms and publicly releasing stolen data if their demands are not met.
Potential Vulnerabilities
Educational institutions like STA are increasingly becoming targets for ransomware attacks due to their extensive databases of sensitive information and often limited cybersecurity resources. The integration of modern technology in educational settings, while beneficial for learning, can also introduce vulnerabilities that threat actors can exploit. In STA's case, the attackers may have penetrated the school's systems through phishing emails, exploiting unpatched software vulnerabilities, or leveraging weak network security protocols.
Impact and Response
The attack on STA has led to significant operational disruptions and potential long-term consequences for the affected individuals. The school is likely to face challenges in restoring its systems, securing its network, and addressing the data breach's legal and reputational implications. The incident underscores the critical need for enhanced cybersecurity measures in educational institutions to protect against increasingly sophisticated cyber threats.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.