St. Landry Parish Schools, La. Hit By Ransomware

/in


(TNS) — Hackers last week initiated a ransomware attack on St. Landry Parish Schools, according to authorities.

Superintendent Milton Batiste III confirmed that the school fell victim to a cybersecurity attack July 25; a staff member notified the board’s supervisor of technology, Byron Wimberley, Batiste said.

“Once he did investigate, he did notice it was some kind of spyware,” Batiste said.


Batiste said he does not know where the security failures originated from but he is currently working with Louisiana State Police, which is investigating.

Batiste said he notified staff that used suspected compromised devices but has yet to notify parents about the attack. He said if it is confirmed that student or parental information was stolen, they will begin to notify the parents.

“If you see anything suspicious or emails from a source that is not recognizable, let us know so our computer tech personnel can look into it,” Batiste said, “The good thing is that we don’t have a lot of employees that were utilizing devices, so it was restricted to central office staff.”

It is unclear how much and what kind of data may have been obtained in the attack. A source did provide screenshots of data that is available on the group’s dark web blog page. The data include a check made out for $57, a 2021 certificate for a training course, an education disability claim form, communications with an insurance department, and publicly available teachers’ salaries.

St. Landry Parish Schools fell victim to a previous cyber attack in 2020.

Brett Callow, a threat analyst for Emsisoft, a New Zealand cybersecurity solutions company, posted a Twitter thread Monday showing a photo of the ransomware groups dark web blog. It says that St. Landry Parish School Board has a week to pay the group before the data is leaked. The group is asking for a $1 million ransom to delete the data they stole.

He said the ransom was issued less than 24 hours ago. Callow said hacker groups typically find their way into systems through unpatched internet facing servers or through compromised login credentials that were leaked in data breaches or obtained through unsecured…

Source…