A ransomware attack hit the IT systems of London-based nonprofit multi-academy trust Harris Federation on Saturday, March 27.
Harris Federation is a multi-academy trust of 50 primary and secondary academies in and around London educating more than 36,000 students.
Once discovered the ransomware infection, the IT staff at the nonprofit organization has taken its systems offline along with the email and landline phone systems, and students’ devices. All the phone calls were being redirected to mobile phones.
“A ransomware attack means that cyber-criminals have accessed our IT systems and encrypted, or hidden, their contents.” reads a statement published by the organization. “This is a highly sophisticated attack that will have significant impact on our academies but it will take time to uncover the exact details of what has or has not happened, and to resolve”
Harris Federation is investigating the incident with the support of the National Crime Agency, the National Cyber Security Centre, and experts from a cybersecurity firm.
The nonprofit organization declared that at least another three multi-academy trust to have been targeted in March.
All Harris Federation’s schools will finish the current term on Wednesday 31st March except for ten academies that will finish on April 1st.
During the past months, we have observed a significant increase in targeted ransomware attacks against education institutions.
Two weeks ago, the FBI has issued an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, ransomware)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.