Medusa group leaks 200GB of data stolen from Rhode Island school district

News30 Sep 2024

The Medusa ransomware group has leaked more than 200 gigabytes of data it stole from a school district in Rhode Island after the latter reportedly refused to pay a ransom.

Earlier this month, in a letter addressed to parents and caregivers, Providence Public School Department said that on September 11, it identified irregular activities in its internal network. After discovering the anomaly, the district’s IT team “followed proper security protocols and worked to isolate the issue which has been contained.”

The school district, which runs 37 schools across the U.S. state of Rhode Island and has close to 20,000 pupils in its rolls, also launched an investigation with assistance from external cyber security experts to determine the nature and scope of the incident.

The school district added that preliminary investigation found “no evidence that any data has been impacted,” but promised to provide more information about the security incident as and when available.

The Medusa ransomware group recently claimed responsibility for the cyber attack on Providence Public School District and listed it as a victim on its data leak site. The group claimed to be in possession of 201.40GB of data stolen from the school district and gave the latter a deadline of eight days to pay a $1 million ransom.

However, following a failed ransom negotiation, the hacker group has decided to publish the stolen data on the dark web.

Following the publication of data, in a statement shared with the media, Superintendent Javier Montañez said, “We recently obtained confirmation that unauthorized access occurred on our network. Moreover, an unverified, anonymous group has claimed that they have PPSD files. While we cannot confirm the authenticity of these files and verify their claims, there could be concerns that these alleged documents could contain personal information.

“Again, at this time we are still gathering more information and are conducting an analysis that will provide us greater clarity on what may have occurred, what may have been impacted, and what actions may need to be taken,” he added.