British School Childrens' Confidential Data Dumped

Uploaded on 2023-01-23 in NEWS-News Analysis, FREE TO VIEW

Following a cyber attack on 14 British schools that happened in 2022, confidential data including information about pupils and staff has been leaked online by the hackers. The information exposed includes childrens' Special Educational Needs (SEN) information, passport scans, staff pay scales, and staff contract details.

The information was leaked after the schools hit by the attacks refused to pay ransom demands. Now, some of the schools affected have provided an update on the incident to parents, pupils and staff.

Security researchers believe the aptly-named hacking gang Vice Society was behind the attacks due to their activity conducting ransomware and extortion campaigns against other education institutions in the UK and US. The education sector has been a prime target for ransomware groups over the past few years. 

When data is stolen, Vice Society makes demands for money before leaking the documents if payment is not made. The schools affected in the British leak are from across the country, including London, Leicester , Barnstaple and Evesham.

Having failed to extract a ransom, Vice Society leaked the information on the Dark Web, a section of the Internet which is not indexed on regular search engines and requires specialist browsing software to access it. 

In October 2022, the Los Angeles Unified School District was the victim of another Vice Society attack that resulted in the ransomware group publishing the data it stole. The school district stated that it had no intentions of paying the extorters, which likely resulted in the leak. 

AJ Thompson, CCO at Northdoor commented “The nature of the data held by education, healthcare and other public sector organisations makes them particularly tempting targets for cybercriminals...  We would urge education facilities and others in the public sector to place more priority on cybersecurity. The threat from these gangs is increasing in regularity and sophistication." 

Thompson continued "I fear that these fourteen schools might just be the tip of the iceberg and without more in the sector ensuring cybersecurity is a higher priority we will see more of these incidents in the coming months.”

MyLondon:           BBC:    CSOOnline:     Secure Team:      DigitFYI:    Oodaloop:      Infosecurity Magazine:   

You Might Also Read: 

British Schools & Universities Suffer Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« War In Ukraine Drives A Decline In Stolen Cards
Cloud-Based Security Solutions Are On The Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

Ethio-CERT

Ethio-CERT

National Cyber Emergency Readiness and Response Team of Ethiopia.

Alan Boswell Group

Alan Boswell Group

We are a Group of Companies providing specialist Insurance Broking and Risk Management advice and services including Cyber Risk cover.

Thomas Miller Specialty

Thomas Miller Specialty

Thomas Miller Specialty is a commercial Managing General Agency providing specialty risks insurance including Cyber & e-crime insurance.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

Smoothwall

Smoothwall

Smoothwall develop intelligent web filtering, Monitoring and security solutions designed to protect users worldwide.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

CyberDegrees.org

CyberDegrees.org

CyberDegrees.org aims to provide top-notch information for students seeking Cyber Security education and career guidance.

VIRTIS

VIRTIS

VIRTIS' mission is to provide today's leading organizations peace of mind that their entire digital network perimeter is safe from hackers and data breach.

Arqit Quantum

Arqit Quantum

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.

RegScale

RegScale

RegScale helps organizations comply in real-time with multiple compliance requirements (NIST, CMMC, ISO, SOX, etc), scalable to meet the needs of the entire enterprise.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

CyberUp

CyberUp

CyberUp is a nonprofit organization created to strengthen the cybersecurity workforce. We help employers reimagine how they grow and scale their cybersecurity workforce.

Rampart AI

Rampart AI

Tackling DevSecOps Issues In Application Security. Rampart has revolutionized the shift left security approach, applying zero-trust to application development.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.