outpouring Independent school district in Houston, tx is closed for Thanksgiving week, but I admiration if any of their staff are working anyway in response to a claimed ransomware onslaught by Egregor terror actors. There is no appointment on Egregor’s site to show when they claim to have locked up the district’s files. And they only provided a small total of proof — an audit from 2011. Because there is no observation on the district’s site, DataBreaches.net reached out to them to ask them what they were doing in response to the claimed attack, and whether they have notified anyone. Not surprisingly, no reception has been received yet, but this post will live updated when one is received. At least the district will experience FireEye to aid them, as the commonwealth has contracted with FireEye to provide services to public sector agencies thru a bulk purchase agreement. will outflow ISD pay any ransom, though? Other districts in Texas hold paid, usually after some negotiation, but I uncertainty most districts carry enough insurance to cover the kinds of ransom amounts that threat actors demand these days. outflow ISD is not the only k-12 district to have been smasher recently with ransomware. Flying mostly under the radar as yet is a school district in Montana that was allegedly locked up by another group of terror actors. DataBreaches.net made impinging with this second district’s school board last weekend and is hoping to get some instruction from them. The terror actors did provide some proof of access and exfiltration, but not enough to let any illuminate sense of how much data — and what kinds – the terror actors may have accessed and exfiltrated. look follow-ups on both of these school districts.