Ransomware Operators Are Exposing Children’s Most Sensitive Information


July 5, 2023

World map

Minneapolis Public Schools were facing a March 17 deadline to pay a $1 million ransom demand after attackers posted sensitive data that was exfiltrated as leverage in a ransomware attack.

Noe the district and the families they serve are facing the exposure online of the most intimate details of some student’s lives as more confidential documents are dumped online by ransomware gangs.

The data includes descriptions of sexual assaults against students, psychiatric diagnosis, abuse, truancy, suicide attempts, and more.

“Complete sexual assault case folios containing these details were among more than 300,000 files dumped online in March after the 36,000-student Minneapolis Public Schools refused to pay a $1 million ransom,” the Associated Press reports.

“Other exposed data included medical records, discrimination complaints, Social Security numbers and contact information of district employees.”

Takeaway: We are seeing record-setting attack levels against schools in recent months causing more than disruptions to operations - these attacks are impacting the lives of some of the most vulnerable children.  

The exposure of such intimate details of abuse, of student mental health status, and other extremely sensitive information is just heartbreaking.  

Unfortunately, that's the strategy of the attackers: the more pain they can inflict, the more money they can potentially make. Ransomware operators are ruthless and will continue to victimize the education sector simply because they are easy targets.  

The targeted schools are in a difficult position, where authorities like the FBI advise them not to pay the ransom demand, but now they have some culpability for further damaging the lives of these children and their families for having not paid.  

There are no easy choices here. There is no way to put a price tag on the lasting impact this will have on these kids.

Schools lack the needed funding to maintain even basic security programs, so they cannot be expected to defend adequately against well-funded, highly skilled threat actors. The legacy security tools that are affordable to schools are simply not capable of addressing the unique threat that ransomware presents.  

Ransomware operators and other threat actors routinely bypass, blind, evade or otherwise circumvent these defenses with little effort.

The exposing of these students' most private affairs will continue to put them at risk of discrimination, extortion, identity theft and financial fraud well into the unforeseeable future.  

Schools need more resources to protect vulnerable students, but they cannot do this without adequate funding. Guidelines are good, but they cannot implement the guidelines if they do not have the resources and skilled personnel.

If we are concerned about protecting children and preventing school closures, we need to make sure they have the funding they need to be successful against these well-resourced attackers.  

It comes down to a choice, and thus far we have not collectively made the choice as a society to adequately invest in protecting our students and schools from the most nefarious of international criminal organizations.

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more.