After hacking the Minneapolis public college system in March, a ransomware gang proceeded this week to leak college students’ private info to the online. Included within the tranche had been the standard deluge of non-public knowledge factors—together with college students’ birthdays and social safety numbers. However NBC, which reviewed the leaks, now reports that the trove additionally contained much more delicate info, together with the psychological well being data of scholars and even paperwork detailing allegations of abuse in opposition to members of the district’s employees.
The Minneapolis Public Faculties district, which is Ok-12, serves some 29,000 college students and encompasses dozens of faculties. The gang behind the hack on the district—which calls itself “Medusa”—has unleashed a torrent of some 200,000 recordsdata stolen from its servers, together with a lot of “databases” cataloguing incidents of scholars exhibiting behavioral points. In stated databases, college students are recognized by way of a lot of markers, together with ID quantity, ethnicity, and the college that they attend.
Moreover, the hackers have additionally leaked delicate portfolios of data on “a whole lot” of youngsters with particular wants. NBC reports that the paperwork embody “pages of particulars about college students, together with issues at dwelling like divorcing or incarcerated dad and mom, circumstances like Consideration Deficit Dysfunction, documented indications the place they seem to have been injured, outcomes of intelligence assessments and what medicines they take.”
Lastly, the leaks additionally seem to include paperwork detailing allegations of abuse by sure district employees. In not less than one case, NBC reviews that paperwork present a particular schooling pupil alleged that they suffered sexual abuse by the hands of a district college bus driver. A person with the identical title because the one listed within the report is proven to have been arrested by police, the information outlet writes. Within the reviews alleging assault or abuse, the accusing pupil’s title, date of beginning, and handle are all current within the knowledge.
NBC has noted that it was not able to independently verify the leaks.
Medusa has published the documents to a number of different websites in a campaign that has been characterized as exceptionally aggressive, NBC reports. Typical of ransomware gangs, Medusa has posted the material to a “leak website”—a website used to goad hacking victims into paying a ransom by way of strategic leaks. However the gang has additionally distributed the fabric by way of extra conventional channels, utilizing websites like Twitter, Fb, and Telegram to deliver extra visibility and notoriety to the leaks.