British School Childrens' Confidential Data Dumped

Uploaded on 2023-01-23 in NEWS-Cybersecurity News, FREE TO VIEW

Following a cyber attack on 14 British schools that happened in 2022, confidential data including information about pupils and staff has been leaked online by the hackers. The information exposed includes childrens' Special Educational Needs (SEN) information, passport scans, staff pay scales, and staff contract details.

The information was leaked after the schools hit by the attacks refused to pay ransom demands. Now, some of the schools affected have provided an update on the incident to parents, pupils and staff.

Security researchers believe the aptly-named hacking gang Vice Society was behind the attacks due to their activity conducting ransomware and extortion campaigns against other education institutions in the UK and US. The education sector has been a prime target for ransomware groups over the past few years. 

When data is stolen, Vice Society makes demands for money before leaking the documents if payment is not made. The schools affected in the British leak are from across the country, including London, Leicester , Barnstaple and Evesham.

Having failed to extract a ransom, Vice Society leaked the information on the Dark Web, a section of the Internet which is not indexed on regular search engines and requires specialist browsing software to access it. 

In October 2022, the Los Angeles Unified School District was the victim of another Vice Society attack that resulted in the ransomware group publishing the data it stole. The school district stated that it had no intentions of paying the extorters, which likely resulted in the leak. 

AJ Thompson, CCO at Northdoor commented “The nature of the data held by education, healthcare and other public sector organisations makes them particularly tempting targets for cybercriminals...  We would urge education facilities and others in the public sector to place more priority on cybersecurity. The threat from these gangs is increasing in regularity and sophistication." 

Thompson continued "I fear that these fourteen schools might just be the tip of the iceberg and without more in the sector ensuring cybersecurity is a higher priority we will see more of these incidents in the coming months.”

MyLondon:           BBC:    CSOOnline:     Secure Team:      DigitFYI:    Oodaloop:      Infosecurity Magazine:   

You Might Also Read: 

British Schools & Universities Suffer Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« War In Ukraine Drives A Decline In Stolen Cards
Cloud-Based Security Solutions Are On The Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Allianz Commercial

Allianz Commercial

Allianz Commercial is the center of expertise and global line of Allianz Group for insuring mid-sized businesses, large enterprises and specialist risks.

AFCERT

AFCERT

AFCERT is the national Computer Emergency Response Team for Afghanistan.

Engineering Group

Engineering Group

Engineering is the Digital Transformation Company, a leader in Italy and with over 80 offices across Europe, the United States, and South America.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

Immersive

Immersive

Immersive unifies Cyber Drills, Exercises, Sims, Ranges, and Training into one single, adaptive platform. One Platform. Total Cyber Resilience.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

Egyptian Supreme Cybersecurity Council (ESCC)

Egyptian Supreme Cybersecurity Council (ESCC)

ESCC is responsible for developing a national strategy to face and respond to the cyber threats and attacks and to oversee its implementation and update.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

Ermes

Ermes

Ermes – Intelligent Web Protection provides companies with a solution that effectively secures them against web threats.

Sekur Private Data

Sekur Private Data

Sekur Private Data Ltd. is a Cybersecurity and Internet privacy provider of Swiss hosted solutions for secure communications and secure data management.

Redington

Redington

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

Thoropass

Thoropass

Thoropass (formerly Laika) helps you get and stay compliant with smart software and expert services.

Trium Cyber

Trium Cyber

Trium Cyber - Expert Cyber Underwriting and Claims Management. Based in the US and UK. Backed by Lloyd’s of London.