College students and lecturers on the Minneapolis Public Faculty (MPS) District, which suffered a huge ransomware attack on the finish of February, have had extremely delicate details about themselves printed on the net, together with allegations of abuse by lecturers and psychological reviews.
MPS initially said that it had refused to pay a US $1 million ransom to its extortionists, and that it had efficiently restored its encrypted methods through backups.
Nevertheless, the Medusa hacking group who tried to blackmail MPS had not simply encrypted the varsity district’s knowledge however had additionally exfiltrated their very own copy of it which was in the end printed on the web, and promoted via hyperlinks on a Telegram channel.
In all, roughly 100 GB of what claimed to be knowledge from the MPS District was printed on the general public web, alongside a video abstract exhibiting a few of the contents.
NBC Information have been amongst those that examined some of the files, and was alarmed by what it discovered.
Contained within the printed knowledge have been:
- names and birthdates of youngsters with particular wants,
- particulars of their dwelling lives and any problems,
- outcomes of intelligence exams,
- and particulars of what treatment they is likely to be taking.
However the delicate knowledge did not finish there. Based on the report, the leak additionally revealed reviews of abuse:
“The leaked recordsdata additionally embody a whole bunch of kinds documenting occasions when college realized {that a} pupil had been doubtlessly mistreated. Most of these are allegations {that a} pupil had suffered neglect or was bodily harmed by a trainer or pupil. Some are terribly delicate and allege incidents like a pupil’s being sexually abused by a trainer or by one other pupil. Every report names the sufferer and cites birthday and deal with.”
Moreover, NBC Information described leaked reviews that detailed allegations of sexual abuse involving named people, and a trainer stated to have had romantic relationships with college students.
That is all, after all, appalling. However the state of affairs is made worse by the truth that knowledge stolen by the Medusa hacking group has not taken the traditional course of being printed on a darkish net leak web site, however as an alternative on a standard web site that doesn’t want a specialist device like Tor to entry it.
Posts bragging in regards to the hacks, after which pointing to the leak web site, have been printed on social media – rising the potential for the extremely damaging data to be seen by a good bigger viewers.
MPS says that it’s making an attempt to the have the leaked knowledge faraway from these public webpages, however for now – at the very least – they’re nonetheless accessible.
It is fairly clear that the Medusa group is revelling within the chaos it’s inflicting, and feels no guilt in regards to the affect it has on weak, harmless younger individuals.
Whereas some ransomware gangs have sometimes apologised and even often supplied free decryption instruments after hacking colleges, it is clear that there are various different prison teams who haven’t any qualms in regards to the hurt their assaults may cause.
