Hackers have attacked a Belgian school and are demanding €50 for every child

Published: 2 February 2026
Last updated: 2 February 2026
a classroom filled with monitors
Image by Cybernews.

Cybercriminals have hacked the Onze-Lieve-Vrouw Instituut (OLV) Pulhof, a secondary school in Berchem, Belgium, and are demanding a ransom from the school and parents. The threat actor claims they will publish all stolen data on the dark web if the ransom isn’t paid by Monday.

The school was hacked shortly after the Christmas holidays. According to Belgian news outlets, the attackers used ransomware to encrypt the school’s servers. They initially demanded €100,000 in ransom, but have since lowered their demand to €15,000.

Thus far, the school hasn’t made contact with the hackers.

ADVERTISEMENT

“In accordance with the advice of the authorities, we did not respond to this message and ignored it. Based on our vision and for ethical reasons, we will not comply with the demands of these criminals,” says Kris Smout, General Director of the school.

Because the school didn’t respond to the attackers’ demands, some parents of the students received an email about the incident last Thursday.

employee phishing attack
Image by Gumbariya | Shutterstock

In the email, ransomware operation BitLock claims responsibility and says it had undetected access to the OLV Pulhof’s systems for more than a year. Allegedly, the attackers stole 45GB of data from students and staff members, including ID cards, mental health data, and diplomas. The school’s financial records have also been exfiltrated.

“Pulhof: you still have a last chance to pay us 15,000 euros and all of this will stop, then no parents have to pay. Parents: you can either convince Pulhof to pay us OR you as a parent pay us 50 euros for every child you have, otherwise we will leak your child’s data publicly and sell it on the dark web,” the email says.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Specialists point out that OLV Pulhof was not attacked by the real LockBit group, but most likely by an imitator who does not belong to that organization. According to VRT NWS, the parents were advised not to pay and not to click on anything.

In a message to parents and students, Pulhof says that an investigation is underway to determine what personal data may have been compromised.

ADVERTISEMENT

“Our external partners are closely monitoring our digital environment. In addition, the dark web is being actively monitored. So far, no evidence has been found,” Smout says.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT