Security News > 2020 > December > K12 online schooling giant pays Ryuk ransomware to stop data leak
Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November.
K12 announced this week that they suffered a ransomware attack in mid-November that caused them to lock down some of their IT systems to prevent the attack's spread. "In mid-November, we detected unauthorized activity on our network, which has since been confirmed as a criminal attack in the form of ransomware. Upon identifying unusual system activity, we quickly initiated our response, taking steps to contain the threat and lock down impacted systems, notifying federal law enforcement authorities, and working with an industry-leading third-party forensics team to investigate and assist with the incident," K12 told BleepingComputer in a statement.
Sources in the cybersecurity industry have told BleepingComputer that the Ryuk ransomware hit K12 Inc. When performing attacks, the Ryuk ransomware gang is known to steal unencrypted data before encrypting devices.
This data is then used in 'double-extortion' attempts where the ransomware gang threatens to leak stolen data if a ransom is not paid.
As the leaking of student data would be disastrous for any company, K12 utilized their cyber insurance to pay the Ryuk ransom.
News URL
Related news
- After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves (source)
- Toyota confirms breach after stolen data leaks on hacking forum (source)
- Brain Cipher claims attack on Olympic venue, promises 300 GB data leak (source)
- Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations (source)
- A data leak and a data breach (source)