Ransomware groups are notorious for being indiscriminate in some of their attacks. The latest attack is a good example of this, as the Campbell County Schools in Greater Cincinnati, Kentucky, have fallen victim to Medusa’s ransomware attack which has put thousands of people at risk. Here’s all that you need to know about the attack.
When the attack happened, what it did, and who it affects
According to Medusa Group, the attack happened on the 6th of December in the afternoon. Following the publishing of the proof and the ransom of $600,000 for deletion of data, the Campbell County Schools have been given two weeks to pay the extortion to avoid their data being published on the internet.
The stolen data varies in type but it seems to indicate that the hackers have access to more or less everything in the school’s cloud storage. This includes financial statements, pictures of students and faculty, personally identifiable information (PII) of students, employees, and more. Among the shared pictures of proof, students’ assessments are also shared in the form of an excel sheet.
Campbell County Schools operate a number of schools in various districts. The specific district targeted in this attack is located in Greater Cincinnati, Kentucky, which affects more than 8,000 people. These people include all stakeholders of the school, but the majority of this number comprises the students at the school, all of whom have had their PII, assessment scores, and more compromised.
About Medusa Ransomware Group
First seen in 2021, Medusa Ransomware Group (or MedusaLocker) has been running rampant in its cyberattacks that penetrate, delete, and encrypt all of the data that it gets its hands on.
Named after the Goron Medusa, the group operates with a large number of affiliates, which is analogous to the snakes on Medusa’s head. Operating under the Ransomware-as-a-Service (RaaS) business model, it has found a huge degree of success in its attacks, with Campbell County Schools being the latest in a long series of attacks.
How you can prevent your data from being stolen
To prevent sophisticated attacks like this, it’s critical to ensure that you’re following all of the best practices there are and erring on the side of safety in all of your digital operations. This means keeping all of your cybersecurity and software updated, not clicking on or exploring suspicious sites/files/links, and making sure your staff is also trained on these prevention methods.
What’s next for cybersecurity?
Looking at how ransomware attacks are running rampant, it’s more important now than ever for businesses to make sure their cybersecurity measures are bulletproof. As dangerous as these attacks are, they mostly only work on targets of opportunity - businesses and companies that have compromised cybersecurity.
Making sure you’re doing everything you can to be safe is the most important objective when it comes to the future of your firm’s cybersecurity.