Hackers put $1.6M ransom on student data
Advertisement
Read this article for free:
or
Already have an account? Log in here »
We need your support!
Local journalism needs your support!
As we navigate through unprecedented times, our journalists are working harder than ever to bring you the latest local updates to keep you safe and informed.
Now, more than ever, we need your support.
Starting at $15.99 plus taxes every four weeks you can access your Brandon Sun online and full access to all content as it appears on our website.
Subscribe Nowor call circulation directly at (204) 727-0527.
Your pledge helps to ensure we provide the news that matters most to your community!
To continue reading, please subscribe:
Add Brandon Sun access to your Winnipeg Free Press subscription for only
$1 for the first 4 weeks*
*$1 will be added to your next bill. After your 4 weeks access is complete your rate will increase by $4.99 a X percent off the regular rate.
Read unlimited articles for free today:
or
Already have an account? Log in here »
WINNIPEG — A shadowy hacker group has claimed responsibility for a ransomware attack that leaked sensitive personal information and photos of Pembina Trails School Division students and employees to the dark web.
The group, which calls itself Rhysida, sought 15 bitcoins ($1.6 million in current value) when it tried to sell stolen data in January.
The attempted sale followed a ransom demand, which the division confirmed was not paid.
A large volume of digital files, including school photos of children, was later published on the dark web, where it remained accessible to users Thursday, said Luciana Obregon, founder of Texas-based VenariX, which investigates cybersecurity incidents and helps clients avoid attacks.
“The severity kind of depends on what somebody can do with the information that was posted,” she said, citing identity theft and financial fraud as examples. “If you have a database with personal details about children, where they live and their pictures, that’s another cause for concern.”
Rhysida’s advertisement displayed passport photo pages belonging to two teachers — whose faces, names and other information were visible — and thumbnail images of documents, including one marked “confidential.”
Amid an ongoing review, Pembina Trails has said student databases dating back to 2011 were among the files made available. A database with staff payroll information could have been accessed in the Dec. 2 breach.
Student databases contain names, dates of birth, genders, addresses, contacts for parents or guardians, most recent school photos and personal health identification numbers.
As well, they contain health concerns, medical alerts or immigration details of some students.
The payroll database generally contains the names, dates of birth, genders, addresses, phone numbers, bank account details and social insurance numbers of staff since 2009, Pembina Trails has said.
The division in southwest Winnipeg has more than 17,000 students in 36 schools, and almost 2,500 employees. Some former students were also affected.
“We have no doubt the school division cares about this matter and is working diligently on it,” Manitoba Teachers’ Society president Nathan Martindale said in a statement. “But the impact of such a severe data breach on MTS members and their families cannot be overstated.
“Teacher and student data should never be compromised. There’s no doubt this will cause our members extreme psychological stress. We will do our best to help those who reach out to us.”
Obregon said Rhysida claimed to possess 5.4 terabytes of data, or about 969,000 files, belonging to Pembina Trails.
The group is thought to be in eastern Europe, she said. Some analysts believe the group is in Russia or a former Soviet state, based on its activities.
» Winnipeg Free Press