Personal info of students and parents leaked in Buffalo Public school cyber attack


A ransomware attack that took place on Buffalo Public Schools (BPS) in March this year is said to have leaked personal info of students, parents, and employees to hackers and that includes some super-sensitive info such as bank account information like wire transfer details of vendors.


Personal information includes grade levels achieves by school students, addresses of the students, phone numbers of their parents, birth dates of students, district ID numbers, and such.


After learning about the attack, Buffalo Public Schools immediately third party forensic advisor to investigate the incident. And after two months, the security company revealed that the school district was hit by a ransomware gang that follows a protocol of stealing data and then encrypting the database, to involve in double extortion-related crime for ransom later.


BPS has made it official that its investigations have confirmed that social security numbers of staff, students, and their parents were not accessed by the hackers.


Note- On March 15th, 2021 BPS released a press statement that its Information Technology infrastructure was targeted by hackers disrupting services related to teaching and administration to a certain extent. As it was a ransomware attack, school authorities reported that the hackers were demanding a ransom in the range of $100,000 to $300,000. But as the school district had an effective business continuity plan, it was thinking to recover the data from the backups instead of bowing down to the demands of hackers.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display