‘Ransomware cult’ claims to have hacked two local schools

MATTHEWS, N.C. (QUEEN CITY NEWS) – Finances, legal documents, QuickBooks.

Folders containing sensitive information were published on Twitter by a group claiming to have hacked into Socrates Academy in Matthews and Movement School.

The hackers, which Queen City News has decided not to name, first posted proof of their hack, promising more to come if school officials didn’t cooperate.

“I saw a lot of things I would not want to see if one of my client’s data was breached, like QuickBooks,” said Tom Blanchard, CEO of Sterling Technology Solutions. “I saw financial information. I saw tax information.”

Tom Blanchard, CEO of Sterling Technology Solutions, says he deals with these types of hacks all the time.

“New customers will come to us usually after they’ve already been hacked,” Blanchard told Queen City News.

Neither school replied to our request for comment on the hack.

In the breach, we found copies of checks, a list of parent email addresses, a list of students who were either held back or graduated to the next grade, PayPal payments, tax information, and more.

We called some of the phone numbers exposed in the breach. Some were no longer active. The others went to voicemail.

“One thing that’s very clear in this hack is that access to a server was achieved,” Blanchard said.

Blanchard tells Queen City News hackers typically want to extort people for money or spread information to cause chaos.

“If a school gets hacked, parents are going to be concerned, teachers, students, it’s going to be on the news just like this,” he said.

Perhaps the burning question is why they would target schools. Blanchard believes that, too, is strategic.

“They probably don’t have the largest IT budget in the world, and that makes them more vulnerable to attacks like this,” he said.

Blanchard says the most common delivery method for these ransomware attacks is through email phishing.

It’s not clear if this hack has directly impacted those in the breach, but Blanchard says this type of…