Large Florida school district hit by ransomware attack, hackers demanded $40M

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

The computer system of one of the nation’s largest school districts was hacked by a criminal gang that encrypted district data and demanded $40 million in ransom or it would erase the files and post students’ and employees’ personal information online.

Broward County Public Schools said in a statement Thursday that there is no indication that any personal information has been stolen and that it made no extortion payment to the ransomware gang, which as an apparent pressure tactic last week posted screenshots of its online negotiations with the district to its site on the dark web.


The Fort Lauderdale-based district said it is working with cybersecurity experts “to investigate the incident and remediate affected systems. Efforts to restore all systems are underway and progressing well. We have no intention of paying a ransom.” The district did, after two weeks of back and forth, offer to pay $500,000, at which point the ransomware criminals apparently ended negotiations, according to the hackers’ screenshots.

The district declined further comment outside its statement. With 271,000 students, Broward is the nation’s sixth-largest school district with an annual budget of about $4 billion — a fact the hackers kept returning to as they demanded $40 million, to be paid in cryptocurrency. The ransomware caused a brief shutdown of the district’s computer system in early March, but classes were not disrupted.


“It is a possible amount for you,” the Conti gang said early in its negotiations with a district official, whose name does not appear in the screenshots and has not been released. Its data-locking malware is one of the top 10 strains of ransomware.

“This is a PUBLIC school district,” the Broward negotiator replied. “You cannot possibly think we have anything close to this!” It was unclear if the representative was a district employee or, as is often the case, a hired ransomware negotiator.

The FBI usually investigates such attacks, but said Thursday it would not confirm if it was investigating this one.

An epidemic of ransomware attacks has been plaguing government…