TUSD’s Cyber Shutdown: TUSD confirms hackers accessed sensitive staff data
April 4, 2023 – 13 News Tucson
In a major development in the TUSD ransomware attack in late January, the district now has confirmed the hackers accessed sensitive information. The cybercriminals warned the district that they had staff and students’ confidential files and TUSD had to pay a ransom to get it all back. The threat came by way of an email – days after the ransomware attack. The feds identified the relatively new group of experienced hackers as “Royal” whose members claim to steal sensitive data for double-extortion attacks. The feds report payment demands from Royal have ranged from $250,000 to $2 million. The superintendent confirmed the hackers got their hands on staff’s sensitive information.
Four days after TUSD’s “brutal” ransomware attack on Feb. 3, Royal sent an email to about 150 staffers titled Data Leak Urgent. Royal wrote, “Hello guys, Hope you just missed the fact that we have stolen up to 290 GB (about 399K+ files) of your corporate data including *all personal students info, passport, SSN, driver’s license, birth certificate and much much more.”
Cybersecurity expert Victor Wieczorek of GuidePoint Security told 13 News Investigates that hackers like to showboat. 13 News Investigates asked, “Do we believe them? Are we supposed to believe them?” Wieczorek said, “They certainly want us to believe them” And in case the district didn’t, Royal wrote “see proofs in the attachments.”. The emails included six PDF files with student names followed by “Passport.” 13 News Investigates has been able to identify only one name through an online search, which was a former TUSD student. Wieczorek said, “Could it be overblown? Could some of those files be nothing? Of course, of course they can, but that doesn’t mean we should throw the baby out with the bathwater.” Royal warned TUSD, “Just imagine what will happen if such data leak into the internet.” “Hurry up.”
Read More HERE.