Minneapolis Public Schools Hit by Ransomware Attack

Minneapolis Public Schools are facing a March 17 deadline to pay a million-dollar ransom demand after attackers posted sensitive data that was exfiltrated as leverage in a ransomware attack. The Medusa ransomware gang has claimed responsibility for the attack that has caused widespread disruptions to the district’s operations. The attackers posted a video online to prove they have the stolen data in hand and are prepared to leak it if the ransom demand is not met.

“A preliminary review of the gang’s dark web leak site by The 74 suggest the compromised files include a significant volume of sensitive documents, including records related to student sexual violence allegations, district finances, student discipline, special education, civil rights investigations, student maltreatment and sex offender notifications,” reports noted.

Takeaway:

Ransomware groups continue to prove they are ruthless, heartless criminals with zero consciences. They continue to victimize organizations in education and healthcare simply because they are easy targets. These sectors usually lack the appropriate budgets and staff to maintain a reasonable security posture. Despite available grant money or technology donations from big companies, these organizations likely lack the staff to properly manage and protect their infrastructure.

Even if the attack is easily resolved, students whose personal information was stolen may continue to be at risk of identity theft and financial fraud into the unforeseeable future. Ransomware attacks and data exfiltration will continue unabated until profit motives are eliminated.

To protect themselves, EDU organizations must reevaluate what kinds of data they collect and store, for how long and pinpoint where it’s stored. They continue to keep legacy student data that is no longer relevant or needed. Eliminating unnecessary data will make EDU organizations a less attractive target to attackers, thus, minimizing potential threats.