British School Childrens' Confidential Data Dumped

Uploaded on 2023-01-23 in NEWS-Cybersecurity News, FREE TO VIEW

Following a cyber attack on 14 British schools that happened in 2022, confidential data including information about pupils and staff has been leaked online by the hackers. The information exposed includes childrens' Special Educational Needs (SEN) information, passport scans, staff pay scales, and staff contract details.

The information was leaked after the schools hit by the attacks refused to pay ransom demands. Now, some of the schools affected have provided an update on the incident to parents, pupils and staff.

Security researchers believe the aptly-named hacking gang Vice Society was behind the attacks due to their activity conducting ransomware and extortion campaigns against other education institutions in the UK and US. The education sector has been a prime target for ransomware groups over the past few years. 

When data is stolen, Vice Society makes demands for money before leaking the documents if payment is not made. The schools affected in the British leak are from across the country, including London, Leicester , Barnstaple and Evesham.

Having failed to extract a ransom, Vice Society leaked the information on the Dark Web, a section of the Internet which is not indexed on regular search engines and requires specialist browsing software to access it. 

In October 2022, the Los Angeles Unified School District was the victim of another Vice Society attack that resulted in the ransomware group publishing the data it stole. The school district stated that it had no intentions of paying the extorters, which likely resulted in the leak. 

AJ Thompson, CCO at Northdoor commented “The nature of the data held by education, healthcare and other public sector organisations makes them particularly tempting targets for cybercriminals...  We would urge education facilities and others in the public sector to place more priority on cybersecurity. The threat from these gangs is increasing in regularity and sophistication." 

Thompson continued "I fear that these fourteen schools might just be the tip of the iceberg and without more in the sector ensuring cybersecurity is a higher priority we will see more of these incidents in the coming months.”

MyLondon:           BBC:    CSOOnline:     Secure Team:      DigitFYI:    Oodaloop:      Infosecurity Magazine:   

You Might Also Read: 

British Schools & Universities Suffer Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« War In Ukraine Drives A Decline In Stolen Cards
Cloud-Based Security Solutions Are On The Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

FAMOC

FAMOC

FAMOC is an enterprise mobile management solution that delivers comprehensive security and management for applications, documents, email, and mobile devices.

Nuvias Group

Nuvias Group

Nuvias Group is a specialist value-addedd IT distribution company offering a service-led and solution-rich proposition ready for the new world of technology supply.

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Inky Technology Corp

Inky Technology Corp

Inky® Phish Fence is an email protection gateway that uses sophisticated AI, machine learning and computer vision algorithms to block deep sea phishing attacks that get through every other system.

SEON Technologies

SEON Technologies

At SEON we strive to help online businesses reduce the costs, time, and challenges faced due to fraud.

Adyta

Adyta

Adyta specializes in cybersecurity solutions adapted to the needs of sovereign institutions, business groups and other organizations that handle information and sensitive or classified data.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Centraleyes

Centraleyes

Centraleyes (formerly CyGov) is a cutting-edge integrated cyber risk management platform that gives organizations unparalleled understanding of their cyber risk and compliance.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

Peris.ai

Peris.ai

Peris.ai is a cybersecurity as a service startup that protects businesses and organizations from online threats.

APCERT

APCERT

APCERT cooperates with CERTs and CSIRTs to ensure internet security in the Asia Pacific region, based around genuine information sharing, trust and cooperation.

Digital Twin Consortium (DTC)

Digital Twin Consortium (DTC)

Digital Twin Consortium is a global ecosystem of users who are driving best practices for digital twin usage and defining requirements for new digital twin standards.