Hackers stole 37,000 students’ data from St Thomas Aquinas school’s network
Fort Lauderdale, Florida-based Saint Thomas Aquinas High School said it experienced a data security incident that compromised the sensitive personal information of its students and staff.
In a data security incident notice, Saint Thomas Aquinas High School said that on July 16, it detected unauthorised activity in its internal network. The school said it immediately launched an investigation and involved external cyber security experts to determine the nature and scope of the incident.
“After an extensive forensic investigation and comprehensive document review, we determined on October 22, 2024, that personal information stored on our network may have been accessed and/or acquired by an unauthorised individual,” reads the notice.
The compromised data included names, Social Security numbers, driver’s licence numbers, financial information, bank account numbers, credit card or debit card numbers, passport numbers, student numbers, medical information and health insurance information.
The school’s filing with the Office of Maine Attorney General revealed that it has identified at least 37,064 individuals who were affected by the incident.
“St. Thomas is committed to maintaining the privacy of personal information in its possession and has taken many precautions to safeguard it. St. Thomas continually evaluates and modifies its practices to enhance the security and privacy of the personal information it maintains,” the school added.
While St. Thomas found no evidence of the compromised information being misused, it advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities. It has also offered one year of complimentary identity protection and credit monitoring services through CyberScout to all affected individuals.
While the school authorities did not share details on who is behind the cyber attack, on July 30, the Medusa ransomware group claimed responsibility for the incident and listed St. Thomas as a victim on its data leak site.
🚨 MEDUSA Ransomware Alert 🚨
- Saint Thomas Aquinas High School 🇺🇸
Saint Thomas Aquinas High School in Fort Lauderdale, a private, Roman Catholic, co-educational institution in the USA, has fallen victim to MEDUSA ransomware. The group claims to have access to 103.8 TB of… pic.twitter.com/qvFl0wSEWi
The group claimed to be in possession of 103.8 TB of data stolen from the school and demanded a ransom of $200,000 in exchange for a decryption key. To prove the authenticity of its claims, the group also shared screenshots of the stolen data on the dark web.
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543