Bishop Luffa School, a British secondary school run by the Church of England, had student data exposed after a likely ransomware attack by the Medusa gang.
Bishop Luffa’s website greets visitors with a prompt saying that “the school systems are currently down.“ According to local media reports, the organization’s systems have been down since March 9.
While the school doesn’t specify the reason for the security incident, a ransomware attack is the likeliest reason. The Medusa syndicate has uploaded Bishop Luffa School to its dark-web blog, a website to showcase the latest victims.
Threat actors also included samples of data supposedly stolen from the school that contains names and surnames of pupils and personal data of staff.
Cybercriminals post data samples to pressure victims in the hope that they’ll succumb to ransomware demands. However, law-enforcement agencies and cybersecurity professionals advise against meeting crooks’ demands, since there’s no guarantee they’ll delete the data.
We reached out to Bishop Luffa School for comment about the attack but did not receive a reply before publishing the article.
Medusa’s blog entry with the school’s details shows the gang has demanded $100,000 to delete the stolen data. However, the actual ransom demand could wildly differ from what crooks have chosen to make public.
The Medusa syndicate has been very active in recent months. For example, cybercriminals affiliated with it added Minneapolis Public Schools (MPS) to its dark-net website last week.
The Medusa ransomware gang began operating around the end of last year and has quickly risen in criminal status, becoming among the most active ransomware syndicates last month: deep-web watchdog Darkfeed says it attacked at least 18 organizations in February, making it the third most prolific gang that month.
More from Cybernews:
Subscribe to our newsletter