Ransomware Attack on Englewood Public School District by LockBit 3.0

Incident Date:

May 16, 2024

World map

Overview

Title

Ransomware Attack on Englewood Public School District by LockBit 3.0

Victim

Englewood Public School District

Attacker

Lockbit3

Location

Englewood, USA

New Jersey, USA

First Reported

May 16, 2024

Ransomware Attack on Englewood Public School District by LockBit 3.0

Victim Overview

The Englewood Public School District, located in Englewood, New Jersey, was targeted by the cybercrime group LockBit 3.0. The district operates in the education sector, providing education to students in the area.

Company Size and Standout

The size of the Englewood Public School District is significant, serving students in Englewood, New Jersey. The district is notable for its commitment to education and community engagement, offering various programs and services to support student learning and well-being.

Vulnerabilities

Being in the education sector, the Englewood Public School District may have been targeted by threat actors due to the sensitive nature of the data they hold, including student and staff information. Educational institutions are often seen as lucrative targets for ransomware attacks due to the valuable data they possess.

Attack Details

LockBit 3.0, a Ransomware-as-a-Service (RaaS) group, used ransomware to compromise the district's website. The attack likely involved encrypting files, modifying filenames, changing desktop wallpaper, and dropping a ransom note on the victim's desktop.

Ransomware Group Overview

LockBit 3.0 is an evolution of the LockBit ransomware group, known for its advanced and dangerous ransomware capabilities. The group operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to use their malware for attacks.

Penetration Method

The ransomware group distinguishes itself by its advanced features, including the ability to move laterally through a network via group policy updates and delete traces of itself to cover its tracks. The ransomware group may have penetrated the Englewood Public School District's systems through phishing emails, unpatched software vulnerabilities, or weak security practices.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.