The IT Nerd

Ransomware gang Qilin took credit for a cyber attack on Botetourt County Public Schools earlier this month and demanded the district pay a ransom by June 12, 2025. Botetourt County Public Schools has not verified Qilin’s claim.

 In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:

“Qilin is a ransomware gang that began claiming responsibility for attacks on its data leak site in late 2022. Based in Russia, Qilin mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms. Qilin has claimed credit for 26 confirmed ransomware attacks so far this year, plus 201 unconfirmed claims that haven’t been acknowledged by the targeted organizations.”

“At the same time that Qilin claimed the attack on BCPS, it also took credit for an attack on Logan University that remains unconfirmed. In April 2025, Qilin attacked Western New Mexico University and defaced its website.”

“Comparitech researchers have logged 19 confirmed ransomware attacks on US schools, colleges, and other educational institutions in 2025 to date. Earlier this month, ransomware gangs also hit Coweta County School System in Georgia, Bartlesville Public Schools in Oklahoma, and Kalamazoo Public Schools in Michigan. The education sector takes longer than any other to report data breaches to victims: 4.8 months on average.”

While everyone is a target for threat actors, health care and education are top targets because they are underfunded from a cybersecurity perspective. That needs to change ASAP to stop this sort of thing from happening over and over again.

This entry was posted on May 30, 2025 at 9:03 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.