Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators.
Fairfax County Public Schools (FCPS) was victim of an attack carried out by the Maze ransomware operators.
FCPS is one of the largest school districts in the US with an approved budget of $3.2 billion for 2021.
The Fairfax County Public Schools has more than 188,000 students in grades prekindergarten through 12 and approximately 25,000 full-time employees working in 198 schools and centers within the U.S. commonwealth of Virginia.
“FCPS recently learned that ransomware was placed on some of our technology systems. We are taking this matter very seriously and are working diligently to address the issue.” reads a statement published by FCPS. “We currently believe we may have been victimized by cyber criminals who have been connected to dozens of ransomware attacks in other school systems and corporations worldwide. We are coordinating with the FBI on the matter.”
The institution has notified the authorities and is investigating the incident with leading security experts to determine the extent of the attack.
At the moment the exact date when the ransomware impacted FCPS’s network is not yet known but the school district says that it collaborating with the FBI to determine what ransomware gang is behind the attack.
“FCPS is committed to protecting the information of our students, our staff, and their families,” concludes the statement. “We will work with law enforcement to the fullest extent to prosecute any individuals or groups that attack our systems.”
The statement did not disclose the threat actors behind the attack, it only pointed out that the same ransomware gangs has been connected to dozens of similar attacks against school districts and businesses worldwide.
The Maze ransomware operators claimed responsibility for the attack and leaked an archive of roughly 100MB (2% of the total amount of stolen data).
The leaked archive contains students’ info, administrative documents, and an LSASS dump that could allow retrieving Windows credentials.
An update sent Saturday afternoon to the school community said the school system is “working diligently to protect the information of our staff, students and their families.”
The institution added that the ransomware intrusion did not disrupt the school system’s distance learning program.
Lucy Caldwell, a spokesperson for Fairfax County Public Schools, told WTOP that she expected remote learning will be not impacted by the infection.
In August, experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group.
A few days before, Maze ransomware operators also published internal data from LG, Xerox, and Canon after the companies did not pay the ransom.
The list of victims of the Maze ransomware gang includes Conduent, IT services giant Cognizant, system-on-chip (SOC) maker MaxLinear, and Banco BCR,
(SecurityAffairs – hacking, Maze ransomware)
Share On
Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin”.
Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators.
Fairfax County Public Schools (FCPS) was victim of an attack carried out by the Maze ransomware operators.
FCPS is one of the largest school districts in the US with an approved budget of $3.2 billion for 2021.
The Fairfax County Public Schools has more than 188,000 students in grades prekindergarten through 12 and approximately 25,000 full-time employees working in 198 schools and centers within the U.S. commonwealth of Virginia.
“FCPS recently learned that ransomware was placed on some of our technology systems. We are taking this matter very seriously and are working diligently to address the issue.” reads a statement published by FCPS. “We currently believe we may have been victimized by cyber criminals who have been connected to dozens of ransomware attacks in other school systems and corporations worldwide. We are coordinating with the FBI on the matter.”
The institution has notified the authorities and is investigating the incident with leading security experts to determine the extent of the attack.
At the moment the exact date when the ransomware impacted FCPS’s network is not yet known but the school district says that it collaborating with the FBI to determine what ransomware gang is behind the attack.
“FCPS is committed to protecting the information of our students, our staff, and their families,” concludes the statement. “We will work with law enforcement to the fullest extent to prosecute any individuals or groups that attack our systems.”
The statement did not disclose the threat actors behind the attack, it only pointed out that the same ransomware gangs has been connected to dozens of similar attacks against school districts and businesses worldwide.
The Maze ransomware operators claimed responsibility for the attack and leaked an archive of roughly 100MB (2% of the total amount of stolen data).
The leaked archive contains students’ info, administrative documents, and an LSASS dump that could allow retrieving Windows credentials.
An update sent Saturday afternoon to the school community said the school system is “working diligently to protect the information of our staff, students and their families.”
The institution added that the ransomware intrusion did not disrupt the school system’s distance learning program.
Lucy Caldwell, a spokesperson for Fairfax County Public Schools, told WTOP that she expected remote learning will be not impacted by the infection.
In August, experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group.
A few days before, Maze ransomware operators also published internal data from LG, Xerox, and Canon after the companies did not pay the ransom.
The list of victims of the Maze ransomware gang includes Conduent, IT services giant Cognizant, system-on-chip (SOC) maker MaxLinear, and Banco BCR,
(SecurityAffairs – hacking, Maze ransomware)