Hackers release children’s private details after schools refuse to pay ransom

Thousands of Nevada pupils’ addresses, grades and social security numbers leaked online in mass doxxing

Anthony Cuthbertson
Tuesday 29 September 2020 13:01 EDT
Comments
Hackers published children's names, addresses and other private details
Hackers published children's names, addresses and other private details (Getty Images/iStockphoto)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Thousands of US students have had their addresses and other private details leaked online after school district officials failed to meet a hacker’s ransom demand.

The mass doxxing took place in Clark County, Nevada, exposing the names, addresses, grades, social security numbers and some financial information of the victims.

The hacking attack, which also disclosed employees’ personal information, took place during the first week of online classes since returning from summer break.

It took the form of a ransomware attack, in which hackers illegally gain access to an organisation’s computer system and encrypt the files so that they can no longer be accessed without a password. The attackers then demand payment in exchange for the password needed to take back control of the encrypted system.

Nearly three weeks after the attack was first reported, cyber security specialist Brett Callow discovered documents containing the school’s records in an online hacking forum - suggesting the ransom was not met - according to The Wall Street Journal.

The Clark County School District (CCSD) did not immediately respond to a request for comment, but previously said it was working with forensic investigators.

“CCSD is working diligently to determine the full nature and scope of the incident and is cooperating with law enforcement,” a spokesperson said.

“As the investigation continues, CCSD will be individually notifying affected individuals. CCSD values openness and transparency and will keep parents, employees, and the public informed as new, verified information becomes available."

Ransomware attacks have become increasingly common in recent years, facilitated by the rise of cryptocurrencies that offer an efficient way to anonymously receive ransoms.

More than 40 per cent of all cyber insurance claims in the first half of 2020 were ransomware-related, according to leading insurance firm Coalition, with claims ranging from $1,000 (£778) to $2m (£1.56m.)

The cost of such attacks is not always just financial, however.

A ransomware attack on Dusseldorf University Clinic earlier this month locked computer systems and forced ambulance drivers to divert to other health facilities.

One woman in a critical condition subsequently died as a result of delays to her treatment. The hackers later withdrew the extortion attempt.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in