Ransomware operators continue to target organizations worldwide and school districts particularly exposed to these malicious campaigns. Recently the Broward County Public Schools district announced that it was victim of a ransomware attack and crooks demanded a $40,000,000 payment.
BCP is the sixth-largest school district in the nation and the second-largest in the state of Florida. The District is Florida’s first fully accredited school system since 1962, and has nearly 261,000 students and approximately 110,000 adult students in 241 schools, centers and technical colleges, and 92 charter schools.
BCPS serves a diverse student population, representing 177 different countries and 151 different languages.
The attack took place in March and the Broward County Public Schools were forced to shut down their IT systems. The Conti ransomware gang claimed responsibility for the attack, but the district did not provide additional details about the ransomware attack.
“Earlier this month, Broward County Schools disclosed a cyberattack that sounded pretty serious. But there did not seem to be any follow-up in the media or on their web site to explain exactly what had happened and with what impact. Broward County Public Schools Now threat actors have leaked what appear to be ransom negotiations with the district.” reported the website databreaches.net.
The district decided to don’t pay the ransom, that according to images of the ransom note was $40,000,000. Clearly, such kind of request could be accepted by a school district.
Conti ransomware gang told Broward that they had encrypted Broward’s servers and exfiltrated more than 1 TB of data files that included personal information of students and employees, contracts, and financial documents.
Below an excerpt of conversation between a representatives of the BCPS and the Conti ransomware gang.
After an attempt of negotiation, crooks finally lowered the ransom to $10 million, but it was too high for the school district.
Recently ransomware gangs are demanding the payment of higher ransom, the case of the attack suffered by Acer is clamorous, the vendor recently received a demand of $50 million from REvil operators.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, Hades ransomware)