School District’s Files Leaked in $40m Ransomware Attack

Cyber Security News

A South Florida school district that refused to pay its cyber-attackers a $40m ransom has had thousands of its files leaked online.

Broward County Public Schools was targeted by the Conti ransomware gang at the beginning of March in an attack that caused a shutdown of its computer system but left classes undisturbed.

Conti demanded that the sixth-largest school district in the United States hand $40m of its annual $4bn budget over to them.

In a transcript published by the gang, a negotiator for the district allegedly said that the ransom demand was impossibly large and countered with an offer to pay $500k. The ransomware gang turned the offer down but dropped their demand by three quarters to $10m.

On March 31, the office of Broward’s chief communications officer, Kathy Koch, released a statement declaring that although the district “is aware of the recent actions taken by the criminals who breached our system,” it had no intention of paying those criminals a ransom.

On April 19, Conti published nearly 26,000 files that had been exfiltrated from the school district. Reporters at the South Florida Sun Sentinel who reviewed the data found “a few isolated incidents where confidential student or employee information was released.”

The 25,971 files date from 2012 to March 2021 and chiefly contain financial records, including purchase orders, invoices, and travel expenses claim forms.

While no Social Security information was found amongst the leaked data, it did include several employee phone lists.

Personal information belonging to one nine-year-old student was exposed on an invoice from the state health department.

The Sentinel reported that most of the Broward data published by Conti is already a matter of public record. Among the information are payments to local police departments and the Broward Sheriff’s Office for security, utility bills, 750 mileage reports, and over 700 invoices for spring water.

In the hope of preventing another cyber-attack on Broward, the school district’s chief information officer, Phil Dunn, has requested $20m for cybersecurity enhancement. He warned the school board last week that another hit could be devastating.