Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack
A researcher reportedly found an open data cache exposing personally identifiable information for thousands of Las Vegas students that was released after the Clark County School district refused to pay ransom demands made by threat actors after a cyberattack during the first week of school. The exposed information includes names, grades, birthdates, and more. The underground forum where the information was posted is likely run by the Maze ransomware operators, according to researchers.
In early September, the district was hit by a ransomware attack that crippled operations during its first week of school and exposing other information of employees such as names and Social Security numbers. Clark County School District confirmed the attack through Facebook, stating that it realized just three days after school begun that many files were inaccessible. Online learning platforms such as Zoom were not affected. Now, almost a month later, the compromised data has turned up on the web.