Hacker releases Las Vegas school district student, employee information after officials refuse ransom demands

A hacker released documents from a Las Vegas-area school district, including student and employee information, late last week after officials refused to pay the requested ransom to regain access to district computer servers.

Sensitive information from the Clark County School District (CCSD), including Social Security numbers and student grades, was published on the hacker’s website last week, The Wall Street Journal reported Monday. The country’s fifth-largest school district, which teaches 320,000 students, is the largest to be hit with ransomware since the coronavirus pandemic began.

Brett Callow, a threat analyst for cybersecurity company Emsisoft, told the Journal the hacker had sent the county a warning by releasing a file from the district that appeared to be nonsensitive. 

But more sensitive files were released last week that included employee Social Security numbers, addresses and retirement papers and student names, grades, birth dates, addresses and the school they attended. 

The school district released a statement on Monday saying it will individually notify those affected by the hack, adding it is “working diligently to determine the full nature and scope of the incident.”

“CCSD values openness and transparency and will keep parents, employees and the public informed as new, verified information becomes available,” the statement reads. 

A previous release from the district said on Aug. 27 — three days after school began — administrators determined certain files could not be opened and eventually attributed the issue to a virus and ransomware.

The district in the earlier release warned that some private information may have leaked and requested that individuals associated with the district review account statements and watch credit reports. The school district said it “notified law enforcement and began an investigation, which included working with third-party forensic investigators,” to look into the incident and was trying to fix all systems to ensure functionality.

On Aug. 27, the district said in a Facebook statement the data breach caused no interruptions to online learning. 

The Clark County School District is not the only district to be hit with a hacking attack during the pandemic, as many schools have transferred to full- or part-time online learning systems, which hackers seem to be exploiting.

Hartford Public Schools in Connecticut delayed its first day of school earlier this month after a cyberattack. 

The Journal found that schools have paid ransoms ranging from $25,000 to more than $250,000 after determining the ransom would be less expensive than restructuring servers and postponing online learning. 

The FBI advises against paying a ransom to hackers, saying it inspires them to go after other organizations, but acknowledges management may consider paying as an option to avoid a disruption in functionality.