The FCPS school complex is a victim of a ransomware attack - Data leakage

Fairfax County Public Schools (FCPS), the 10th largest school complex in the USA, has suffered a ransomware attack. This school complex is also the largest in the Baltimore-Washington metropolitan area. It has more than 188,000 students and about 25,000 full-time employees working in 198 schools and centers in Virginia.

The FBI was involved in the investigation into the ransomware attack

The exact date of the ransomware attack is not known, but FCPS said it was working with the FBI to identify the ransomware gang behind the incident.

"We recently learned that ransomware has been installed on some of our technology systems. We take this issue very seriously and we are working to address this issue," says the statement of Fairfax County Public Schools.

The school complex also said it believes the perpetrators of the attack are a group associated with dozens of ransomware attacks on other school systems and companies.

FCPS also sought the help of external security experts, both for conducting the investigation and for restoring the systems that were affected by the attack.

"FCPS is committed to protecting the information of our students, our staff and their families," added the school complex. "We will work with law enforcement to the maximum extent to prosecute individuals or groups who attack our systems."

BleepingComputer tried to contact the FCPS for more details but received no response.

The Maze gang is said to be behind the attack

As mentioned above, FCPS did not name the hackers but said that the particular group is behind dozens of attacks on other schools and businesses around the world.

However, the attack was probably carried out by the Maze ransomware operators, as 2% (approximately 100MB) of the data allegedly stolen from Fairfax County Public Schools servers has already been leaked.

The data leaked by the Maze ransomware gang contains information on some of the students, as well as administrative documents. The gang also leaked what appears to be an LSASS dump, which can be used to extract Windows credentials.

The Maze gang is the one that started stealing victims' data before encrypting their systems, a tactic that was gradually adopted by more and more groups. After stealing the data, the hackers threaten to leak it on the internet if the victims do not pay the ransom.

Maze ransomware attacks were first detected in May 2019. Since then, hackers have greatly evolved their attacks through exploit kits, spam and network breaches.

In November 2019 came the first leak of stolen data, which belonged to Allied Universal. The company had fallen victim to Maze ransomware but did not pay the ransom, so the hackers exposed the data. They then published the data of other victims on hacking forums, until they set up their own leak site.

Maze ransomware has carried out many attacks on well-known and large companies, such as Chubb, Canon, Xerox, LG Electronics, Conduent, Cognizant, MaxLinear and others.

Digital Fortress