vicesociety attacks Lufkin Independent School District

Incident Date:

January 6, 2022

World map

Overview

Title

vicesociety attacks Lufkin Independent School District

Victim

Lufkin Independent School District

Attacker

Vicesociety

Location

Lufkin, USA

Texas, USA

First Reported

January 6, 2022

Lufkin Independent School District Targeted by Ransomware Group ViceSociety

The Lufkin Independent School District (ISD) in Lufkin, Texas, has been targeted by the ransomware group ViceSociety, as claimed on the group's dark web leak site. The district, which operates in the Education sector, serves a range of primary, elementary, and secondary schools, catering to students between 5-18 years of age throughout the community.

In 2021, Lufkin ISD was already hit by a major ransomware attack, with hackers based in the Netherlands gaining control of four security camera servers, accessing, moving, and encrypting data from the district’s virtual servers. The attack resulted in the theft of sensitive data belonging to 11,000 of the district’s staff and students, as well as the loss of control over functions such as air conditioning, registration, and grade administration. The hackers demanded $1.5 million in bitcoin to restore access.

Following the 2021 attack, Lufkin ISD underwent a comprehensive review of its systems to protect against cyber risks, focusing on strengthening its security posture and implementing proactive measures. The district hired a cybersecurity analyst to review the Dell Managed Detection and Response dashboard each day, collaborating with Dell to remediate any issues that may arise.

Despite these efforts, the district has once again fallen victim to a ransomware attack, this time by the ViceSociety group. The size and impact of this latest attack are not yet clear, but it is a concerning development for the district, which has already experienced the devastating consequences of a ransomware attack in the recent past.

The Lufkin ISD serves a significant number of students and staff, making it a valuable target for threat actors. The district's vulnerabilities in the face of these attacks may include outdated security protocols, insufficient employee training, or a lack of robust monitoring and response capabilities.

As the investigation into this latest attack continues, it is crucial for Lufkin ISD to learn from its past experiences and implement comprehensive security measures to protect its students, staff, and sensitive data from future threats.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.