Students and teachers in the damaged Minneapolis Public Schools (MPS) district massive ransomware attack At the end of February, highly sensitive information about myself was published on the web, including allegations of abuse by teachers and psychological reports.
First MPS Said It refused to pay the extortionist a US$1 million ransom and revealed that it had successfully restored its encrypted system via backup.
However, the Medusa hacking group, which sought to blackmail MPS, not only encrypted the district’s data, but also stole its own copy of the data, which it eventually published on the internet and advertised through a link on its Telegram channel.
In all, about 100 GB of data, claimed to be from the MPS district, was published on the public internet along with video summaries showing some of the content.
NBC News was in it I checked some filesand was amazed at what it found.
Published data included:
- the name and date of birth of any child with special needs,
- details of their home life and obstacles,
- Intelligence test results
- Details of any medications they may be taking.
But that wasn’t the only confidential data. According to reports, the leak also uncovered reports of abuse.
“The leaked files also contain hundreds of forms documenting the times faculty and staff learned that a student may have been abused. Allegations of being physically harmed by a teacher or student, some are very sensitive and allege incidents, such as a student being sexually abused by a teacher or another student Each report contains the victim’s name, date of birth and address.”
moreover, NBC News described a leaked report detailing allegations of sexual abuse involving the named individual and a teacher who allegedly had a romantic relationship with a student.
Of course, all this is scary. However, the fact that the data stolen by the hacking group Medusa does not follow the traditional method of being published on dark web leak sites, is published on traditional websites that do not require specialized tools like Tor. The situation is getting worse. that.
Posts bragging about hacks and pointing out leaked websites have been published on social media, increasing the chances of highly damaging information being seen by a wider audience.
MPS says it’s trying to remove the leaked data from these public web pages, but they’re still available, at least for now.
It’s clear that the Medusa group revels in the chaos it’s causing, and feels no guilt about the impact it’s having on vulnerable and innocent young people.
While some ransomware gangs have even apologized or offered free decryption tools after hacking schools, others have shown no concern about the damage their attacks could cause. It is clear that many criminal groups exist.