Alvin Independent School District over the weekend confirmed it notified 47,606 people about a June 2024 data breach that compromised the personal info including names, SSNs, credit and debit card numbers, financial account numbers, medical and health insurance info, and more. Ransomware gang Fog claimed responsibility for this attack in July 2024, but AISD has not yet verified this claim.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Fog is a ransomware gang that first started claiming attacks on its website in July 2024. It has a history of targeting US schools but is not limited to them. In addition to encrypting files, Fog also steals data and targets development environments. Fog has claimed a total of 20 confirmed ransomware attacks, 12 of which were on educational institutions. Most recently, the gang attacked the University of Applied Sciences and Arts Northwestern in Switzerland. Fog claimed another 157 unconfirmed attacks that haven’t been acknowledged by the targeted organizations, 80 of which it claimed in 2025. However, the group stopped posting new victims in April.”
“In 2024, Comparitech researchers logged 79 confirmed ransomware attacks on US schools and colleges. Those attacks compromised 2,857,156 records and came with an average ransom demand of $827,000. In 2025 to date, we’ve tracked 15 confirmed ransomware attacks on US education, plus 36 unconfirmed claims.”
This incident highlights how vulnerable schools are. Which is why more time and effort needs to be put into defending them so that they stop being the easiest targets for threat actors. And the sooner that happens the better.
Related
This entry was posted on May 5, 2025 at 1:26 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Texas school district notifies 47K students and staff of data breach that leaked SSNs, credit cards, and more
Alvin Independent School District over the weekend confirmed it notified 47,606 people about a June 2024 data breach that compromised the personal info including names, SSNs, credit and debit card numbers, financial account numbers, medical and health insurance info, and more. Ransomware gang Fog claimed responsibility for this attack in July 2024, but AISD has not yet verified this claim.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Fog is a ransomware gang that first started claiming attacks on its website in July 2024. It has a history of targeting US schools but is not limited to them. In addition to encrypting files, Fog also steals data and targets development environments. Fog has claimed a total of 20 confirmed ransomware attacks, 12 of which were on educational institutions. Most recently, the gang attacked the University of Applied Sciences and Arts Northwestern in Switzerland. Fog claimed another 157 unconfirmed attacks that haven’t been acknowledged by the targeted organizations, 80 of which it claimed in 2025. However, the group stopped posting new victims in April.”
“In 2024, Comparitech researchers logged 79 confirmed ransomware attacks on US schools and colleges. Those attacks compromised 2,857,156 records and came with an average ransom demand of $827,000. In 2025 to date, we’ve tracked 15 confirmed ransomware attacks on US education, plus 36 unconfirmed claims.”
This incident highlights how vulnerable schools are. Which is why more time and effort needs to be put into defending them so that they stop being the easiest targets for threat actors. And the sooner that happens the better.
Share this:
Like this:
Related
This entry was posted on May 5, 2025 at 1:26 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.