(TNS) — Hackers last week initiated a ransomware attack on St. Landry Parish Schools, according to authorities.
Superintendent Milton Batiste III confirmed that the school fell victim to a cybersecurity attack July 25; a staff member notified the board’s supervisor of technology, Byron Wimberley, Batiste said.
“Once he did investigate, he did notice it was some kind of spyware,” Batiste said.
Batiste said he does not know where the security failures originated from but he is currently working with Louisiana State Police, which is investigating.
Batiste said he notified staff that used suspected compromised devices but has yet to notify parents about the attack. He said if it is confirmed that student or parental information was stolen, they will begin to notify the parents.
“If you see anything suspicious or emails from a source that is not recognizable, let us know so our computer tech personnel can look into it,” Batiste said, “The good thing is that we don’t have a lot of employees that were utilizing devices, so it was restricted to central office staff.”
It is unclear how much and what kind of data may have been obtained in the attack. A source did provide screenshots of data that is available on the group’s dark web blog page. The data include a check made out for $57, a 2021 certificate for a training course, an education disability claim form, communications with an insurance department, and publicly available teachers’ salaries.
St. Landry Parish Schools fell victim to a previous cyber attack in 2020.
Brett Callow, a threat analyst for Emsisoft, a New Zealand cybersecurity solutions company, posted a Twitter thread Monday showing a photo of the ransomware groups dark web blog. It says that St. Landry Parish School Board has a week to pay the group before the data is leaked. The group is asking for a $1 million ransom to delete the data they stole.
He said the ransom was issued less than 24 hours ago. Callow said hacker groups typically find their way into systems through unpatched internet facing servers or through compromised login credentials that were leaked in data breaches or obtained through unsecured home connections when staff enter their credentials off of personal computers.
“The attackers will try to steal a copy of the data, secondly they will try to encrypt the data where it is stolen,” Callow said.
Callow said groups will steal any information they can as leverage. That can include checking accounts, social security numbers, or internal communications.
“If the targeted group does not pay, the group typically released any information online,” he said.
Ransomware attacks happen frequently across the United States. The victims include local governments, universities, school districts and hospitals.
In 2022, 45 school districts operating 1,981 schools became victims of ransomware attacks including 44 colleges and universities. Los Angeles Unified School District was one of the most extensive attacks, including 1,300 schools compromising 500,000 students.
But it is not wise to pay the ransom, experts say. Even if they receive payment, Callow said, the information can still be posted online and often data is used by the group to commit identity fraud even after payment.
“That’s why it’s never a good idea for an organization to pay … the most they can ever obtain is a promise from the criminal that the data will be destroyed,” he said.
Callow said St. Landry Parish parents should become extra vigilant about scams.
“Be super careful and look for spam and scams and monitor your account more closely. And if the school does offer credit monitoring accept it,” Callow said.
©2023 The Advocate, Baton Rouge, La. Distributed by Tribune Content Agency, LLC.