The Charleston County, SC School District yesterday confirmed it notified 20,653 people about a July 2024 data breach. The district has not publicly disclosed what personal data was compromised, but it is suspected that Social Security numbers and/or other info that could be used for identity fraud were compromised. Ransomware gang RansomHub claimed responsibility for the breach in August 2024.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“RansomHub is a prominent cybercriminal gang that runs a ransomware-as-a-service business in which affiliates pay to use the group’s malware and infrastructure to launch their own attacks and collect ransoms. RansomHub started claiming attacks on its data leak site in February 2024. Since then, it’s claimed 136 confirmed ransomware attacks, compromising 6.5 million records. The group claimed another 631 unconfirmed attacks that haven’t been acknowledged by the targeted organizations.”
“In 2024, Comparitech researchers logged 75 confirmed ransomware attacks on US schools and colleges, compromising more than 2.8 million records. The average ransom is $876,000.”
“Ransomware attacks on schools and colleges disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay face extended downtime, lose data, and put students and faculty at increased risk of fraud.”
Other than healthcare, the education sector is low hanging fruit for threat actors. Both sectors need to be focused on so that this wave of ransomware attacks start to head in a more positive direction.
Related
This entry was posted on April 30, 2025 at 11:37 am and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Charleston County, SC School District notifies 20,000+ people of data breach
The Charleston County, SC School District yesterday confirmed it notified 20,653 people about a July 2024 data breach. The district has not publicly disclosed what personal data was compromised, but it is suspected that Social Security numbers and/or other info that could be used for identity fraud were compromised. Ransomware gang RansomHub claimed responsibility for the breach in August 2024.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“RansomHub is a prominent cybercriminal gang that runs a ransomware-as-a-service business in which affiliates pay to use the group’s malware and infrastructure to launch their own attacks and collect ransoms. RansomHub started claiming attacks on its data leak site in February 2024. Since then, it’s claimed 136 confirmed ransomware attacks, compromising 6.5 million records. The group claimed another 631 unconfirmed attacks that haven’t been acknowledged by the targeted organizations.”
“In 2024, Comparitech researchers logged 75 confirmed ransomware attacks on US schools and colleges, compromising more than 2.8 million records. The average ransom is $876,000.”
“Ransomware attacks on schools and colleges disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay face extended downtime, lose data, and put students and faculty at increased risk of fraud.”
Other than healthcare, the education sector is low hanging fruit for threat actors. Both sectors need to be focused on so that this wave of ransomware attacks start to head in a more positive direction.
Share this:
Like this:
Related
This entry was posted on April 30, 2025 at 11:37 am and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.