Ransomware gang Fog yesterday claimed responsibility for a February 2025 data breach at Williamsburg-James City County Schools in Virginia. The group is demanding an undisclosed amount be paid in ransom in exchange for stolen data.
WJCC announced it was hit by a cyber attack on February 9 and that systems were restored by February 14. An investigation of the attack and what data was compromised is still ongoing, and WJCC has not publicly disclosed a data breach.
In a post on its website, Fog says it stole 27.7 GB of data from WJCC. The school district has not verified Fog’s claim.
We do not yet know what data was compromised, if WJCC did or will pay a ransom, how much Fog demanded, or how attackers breached WJCC’s network. Comparitech contacted WJCC for comment and will update this article if it replies.
Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote in a blog post:
“Fog is a ransomware gang that first started claiming attacks on its website in July 2024. It has a history of targeting US schools but is not limited to them. In addition to encrypting files, Fog also steals data and targets development environments, such as repositories stored on GitLab.”
“Fog has claimed 16 confirmed ransomware attacks since it began, plus another 155 unconfirmed claimed that have not been acknowledged by the targeted organizations. Of Fog’s six confirmed attacks in 2025, five were against schools.”
“So far in 2025, Comparitech researchers logged eight confirmed ransomware attacks against US schools, colleges, and other educational institutions. Ransomware attacks on schools and other education facilities can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay can face extended downtime, lose data, and put students and faculty at increased risk of fraud.”
This is the second story today that involved a ransomware gang pwning an organization. This should highlight that this is a today problem and organizations need to immediately take action to not get pwned.
Related
This entry was posted on March 7, 2025 at 3:04 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Ransomware gang says it hacked a Virginia school district and stole data
Ransomware gang Fog yesterday claimed responsibility for a February 2025 data breach at Williamsburg-James City County Schools in Virginia. The group is demanding an undisclosed amount be paid in ransom in exchange for stolen data.
WJCC announced it was hit by a cyber attack on February 9 and that systems were restored by February 14. An investigation of the attack and what data was compromised is still ongoing, and WJCC has not publicly disclosed a data breach.
In a post on its website, Fog says it stole 27.7 GB of data from WJCC. The school district has not verified Fog’s claim.
We do not yet know what data was compromised, if WJCC did or will pay a ransom, how much Fog demanded, or how attackers breached WJCC’s network. Comparitech contacted WJCC for comment and will update this article if it replies.
Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote in a blog post:
“Fog is a ransomware gang that first started claiming attacks on its website in July 2024. It has a history of targeting US schools but is not limited to them. In addition to encrypting files, Fog also steals data and targets development environments, such as repositories stored on GitLab.”
“Fog has claimed 16 confirmed ransomware attacks since it began, plus another 155 unconfirmed claimed that have not been acknowledged by the targeted organizations. Of Fog’s six confirmed attacks in 2025, five were against schools.”
“So far in 2025, Comparitech researchers logged eight confirmed ransomware attacks against US schools, colleges, and other educational institutions. Ransomware attacks on schools and other education facilities can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay can face extended downtime, lose data, and put students and faculty at increased risk of fraud.”
This is the second story today that involved a ransomware gang pwning an organization. This should highlight that this is a today problem and organizations need to immediately take action to not get pwned.
Share this:
Like this:
Related
This entry was posted on March 7, 2025 at 3:04 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.