Security News > 2020 > December > K12 online schooling giant pays Ryuk ransomware to stop data leak

Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November.

K12 announced this week that they suffered a ransomware attack in mid-November that caused them to lock down some of their IT systems to prevent the attack's spread. "In mid-November, we detected unauthorized activity on our network, which has since been confirmed as a criminal attack in the form of ransomware. Upon identifying unusual system activity, we quickly initiated our response, taking steps to contain the threat and lock down impacted systems, notifying federal law enforcement authorities, and working with an industry-leading third-party forensics team to investigate and assist with the incident," K12 told BleepingComputer in a statement.

Sources in the cybersecurity industry have told BleepingComputer that the Ryuk ransomware hit K12 Inc. When performing attacks, the Ryuk ransomware gang is known to steal unencrypted data before encrypting devices.

This data is then used in 'double-extortion' attempts where the ransomware gang threatens to leak stolen data if a ransom is not paid.

As the leaking of student data would be disastrous for any company, K12 utilized their cyber insurance to pay the Ryuk ransom.

News URL

https://www.bleepingcomputer.com/news/security/k12-online-schooling-giant-pays-ryuk-ransomware-to-stop-data-leak/