British School Childrens' Confidential Data Dumped

Uploaded on 2023-01-23 in NEWS-Cybersecurity News, FREE TO VIEW

Following a cyber attack on 14 British schools that happened in 2022, confidential data including information about pupils and staff has been leaked online by the hackers. The information exposed includes childrens' Special Educational Needs (SEN) information, passport scans, staff pay scales, and staff contract details.

The information was leaked after the schools hit by the attacks refused to pay ransom demands. Now, some of the schools affected have provided an update on the incident to parents, pupils and staff.

Security researchers believe the aptly-named hacking gang Vice Society was behind the attacks due to their activity conducting ransomware and extortion campaigns against other education institutions in the UK and US. The education sector has been a prime target for ransomware groups over the past few years. 

When data is stolen, Vice Society makes demands for money before leaking the documents if payment is not made. The schools affected in the British leak are from across the country, including London, Leicester , Barnstaple and Evesham.

Having failed to extract a ransom, Vice Society leaked the information on the Dark Web, a section of the Internet which is not indexed on regular search engines and requires specialist browsing software to access it. 

In October 2022, the Los Angeles Unified School District was the victim of another Vice Society attack that resulted in the ransomware group publishing the data it stole. The school district stated that it had no intentions of paying the extorters, which likely resulted in the leak. 

AJ Thompson, CCO at Northdoor commented “The nature of the data held by education, healthcare and other public sector organisations makes them particularly tempting targets for cybercriminals...  We would urge education facilities and others in the public sector to place more priority on cybersecurity. The threat from these gangs is increasing in regularity and sophistication." 

Thompson continued "I fear that these fourteen schools might just be the tip of the iceberg and without more in the sector ensuring cybersecurity is a higher priority we will see more of these incidents in the coming months.”

MyLondon:           BBC:    CSOOnline:     Secure Team:      DigitFYI:    Oodaloop:      Infosecurity Magazine:   

You Might Also Read: 

British Schools & Universities Suffer Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« War In Ukraine Drives A Decline In Stolen Cards
Cloud-Based Security Solutions Are On The Up »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

E-Tech

E-Tech

E-Tech has been providing system support and information technology consulting services including Internet and Network Security assessments.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

Sonatype

Sonatype

Sonatype protects the world's enterprise software from security, compliance, licensing risks, while reducing application development and deployment time.

Rockwell Automation

Rockwell Automation

Rockwell Automation offer industrial security solutions to protect the integrity and availability of your complex automation solutions.

French Expert Center Against Cybercrime (CECyF)

French Expert Center Against Cybercrime (CECyF)

CECyF is a centre of excellence for countering cybercrime in France.

Recruit.net

Recruit.net

Recruit.net allows job seekers to instantly find millions of jobs from thousands of web sites with a single search.

Zacco

Zacco

Zacco offer a 360° perspective on intellectual property: From patent filing and trademark registration to software development, digital brand protection, cyber security and portfolio management.

LeadingIT

LeadingIT

Leading IT provides IT support, cloud computing, email support, cybersecurity, networking and firewall services to Chicagoland businesses.

Data Protection Commission (DPC)

Data Protection Commission (DPC)

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected.

Software Improvement Group (SIG)

Software Improvement Group (SIG)

Software Improvement Group helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Babble

Babble

Babble is a Unified Comms, Contact Centre and Cyber Solutions provider. We believe in making next-generation technology simple to use, deploy and manage.

Lodestone

Lodestone

Lodestone partners with clients to help them mitigate business and reputational risk, through our human-based, approach to cyber security, digital forensics and incident response.

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.

IT.ie

IT.ie

IT.ie are a comprehensive provider of Managed IT Services, Cloud Solutions, Cyber Security, and proactive IT support services.

Redport Information Assurance

Redport Information Assurance

Redport Information Assurance is an information assurance and cyber security solutions provider offering integrated business solutions for all levels of government.