A hacker has threatened to upload JeffCo Public Schools’ sensitive information if they didn’t pay a ransom.
A recent cyberattack on the JeffCo Public School district has sparked concern among parents and security experts alike.
The hacker group, known as SingularityMD, has threatened to release sensitive employee and student information to the dark web if the district fails to pay a $15,000 ransom in cryptocurrency.
The district first became aware of the attack when district executives, including Superintendent Tracy Dorland, received an email from the hackers on October 31st. The email, sent to hundreds of parents as well, criticized the district's lax approach to cyber security and demanded the ransom be paid by November 7th.
With the deadline quickly approaching, the hackers sent another email just 30 minutes before the original deadline, reducing the ransom amount to $2,000. It is unclear whether the district paid the ransom, as officials have declined to comment on the matter.
According to emails obtained by The Denver Gazette, the hackers claim to have stolen a 40 GB dataset containing sensitive information such as staff and student addresses, birthdates, and even Individualized Education Programs which can contain confidential health information.
The hackers have stated that this attack is purely for financial gain and not politically motivated, but the potential damage to the district and its students is far-reaching.
JeffCo Public Schools is the second largest school district in Colorado, with over 14,000 employees and 65,000 students across 140 campuses.
Despite the severity of the attack, district officials have not been transparent with parents and students about the full extent of the breach. Some parents, such as Ashlee Cochran, only found out about the hack through their children who use Google Classroom for assignments.
Google Classroom, a free platform used by many schools for educational purposes, claims that the data is encrypted and not shared with third parties. However, with the use of student birthdays in creating passwords, the security practices of the district have come into question.
This attack is not an isolated incident. A similar cyberattack was launched against Clark County School District in Nevada, the nation's fifth largest district, just weeks before the attack on JeffCo. And this issue extends beyond just school districts; government agencies and businesses are also at risk.
READ MORE:
COLORADO HOUSE REPUBLICANS DEMAND ANSWERS IN HIGHER EDUCATION DATA BREACH COVER-UP
APPLE'S RECENT UPDATE UNCOVERS SPYWARE THAT THREATENS IPHONES AND IPADS
As the threat of cyberattacks continues to grow, it is important for individuals and organizations to take cybersecurity seriously.
The U.S. Government Accountability Office has warned that malicious actors are becoming more adept at carrying out cyberattacks, and attacks on education institutions are becoming more commonplace.
With the increasing frequency and severity of cyberattacks, it is imperative that individuals and organizations prioritize cyber security to protect against these growing threats.