British School Childrens' Confidential Data Dumped

Uploaded on 2023-01-23 in NEWS-Cybersecurity News, FREE TO VIEW

Following a cyber attack on 14 British schools that happened in 2022, confidential data including information about pupils and staff has been leaked online by the hackers. The information exposed includes childrens' Special Educational Needs (SEN) information, passport scans, staff pay scales, and staff contract details.

The information was leaked after the schools hit by the attacks refused to pay ransom demands. Now, some of the schools affected have provided an update on the incident to parents, pupils and staff.

Security researchers believe the aptly-named hacking gang Vice Society was behind the attacks due to their activity conducting ransomware and extortion campaigns against other education institutions in the UK and US. The education sector has been a prime target for ransomware groups over the past few years. 

When data is stolen, Vice Society makes demands for money before leaking the documents if payment is not made. The schools affected in the British leak are from across the country, including London, Leicester , Barnstaple and Evesham.

Having failed to extract a ransom, Vice Society leaked the information on the Dark Web, a section of the Internet which is not indexed on regular search engines and requires specialist browsing software to access it. 

In October 2022, the Los Angeles Unified School District was the victim of another Vice Society attack that resulted in the ransomware group publishing the data it stole. The school district stated that it had no intentions of paying the extorters, which likely resulted in the leak. 

AJ Thompson, CCO at Northdoor commented “The nature of the data held by education, healthcare and other public sector organisations makes them particularly tempting targets for cybercriminals...  We would urge education facilities and others in the public sector to place more priority on cybersecurity. The threat from these gangs is increasing in regularity and sophistication." 

Thompson continued "I fear that these fourteen schools might just be the tip of the iceberg and without more in the sector ensuring cybersecurity is a higher priority we will see more of these incidents in the coming months.”

MyLondon:           BBC:    CSOOnline:     Secure Team:      DigitFYI:    Oodaloop:      Infosecurity Magazine:   

You Might Also Read: 

British Schools & Universities Suffer Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« War In Ukraine Drives A Decline In Stolen Cards
Cloud-Based Security Solutions Are On The Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

CyberDegrees.org

CyberDegrees.org

CyberDegrees.org aims to provide top-notch information for students seeking Cyber Security education and career guidance.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

Zilla Security

Zilla Security

Zilla combines identity governance with cloud security to deliver comprehensive access visibility, reviews, lifecycle management, and policy-based security remediation.

Cranium

Cranium

AI is being implemented into every business process, but nobody knows whether their AI is secure. Our mission is to deliver security and trust to the AI revolution.

TachTech

TachTech

TachTech is passionate about trust, security and privacy in the digital world. We create tailored security and compliance solutions to improve your business.

EkoCyber

EkoCyber

EkoCyber partner with businesses as a value-added MSSP to provide top-tier, trusted and transparent cyber security services at an affordable price point.

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs are a group of IT security specialists, ethical hackers, and researchers driven to identify security flaws before cyber threat actors does.

CyberCure

CyberCure

CyberCure provide specialised roles and services to manage your organisations cybersecurity requirements and professional advisory services in governance, risk and compliance.