DataBreaches.net has go aware of yet another school district that fell victim to a ransomware attack. The Frederick Public Schools in oklahoma was breached a few months ago, but they had not yet disclosed the incident publicly as they experience been working to recover from backups and to notify everyone who may have been impacted. DataBreaches.net discovered the breach while exploring a new leak site on the dark web. Today, DataBreaches.net spoke with superintendent Shannon Vanderburg about the incident, and their answer to the attack. The district did not and will not pay any ransom, he informed this site, even though their files were encrypted. At this point, he informs this site, they are backrest up and running, although in some cases they had to find and utilisation older backups to restore from. What is still in progress, however, is notifying everyone who may be impacted by the incident. DataBreaches.net was able to inform the district where files had been dumped on the dark web for the taking, but is not linking to the dump or files. Although many of the dumped files worry subroutine territory functions, many files contained personnel payroll-related information from 2018-2020 as well as vendor payment information. At least one file contained Social Security Numbers of district employees. in 1 case, a district employee seems to have uploaded her family’s federal tax return for one year, thereby exposing all her personal info as well as her spouse’s and children’s SSN. None of the files that this site has reviewed so far contained master employee records system, but employees should probably take immediate steps to protect themselves from identicalness theft or the misuse of their information for fraudulent purposes. Former and current employees may want to station a security freeze on their credit reports to foreclose fraudsters from trying to open new accounts that might require a credit account check. The freeze can be easily removed if it is not needed. There were also some files in the underprice that contained some student names or information, and in one case, a disciplinary incident being investigated by police that named specific middle school students and provided parental phone numbers. DataBreaches.net did not see any skipper student record system in the files that have been reviewed so far. It is not solve to DataBreaches.net from the listing found on a relatively new leak site whether the terror actors have dumped everything they acquired and exfiltrated or if this is just a partial dump. DataBreaches.net has emailed the threat actors to see if they will part more information. Elsewhere, Michael Gillespie of id Ransomware tweeted some information about the typecast of ransomware that may have been involved: Vice society (“.v-society”) == HelloKitty (“.crypt”) Linux #Ransomware using OpenSSL (AES256 + secp256k1 + ECDSA). (Sorry can’t share samples due to victim confidentiality) pic.twitter.com/zJTu803m2C Michael Gillespie (@demonslay335) June 10, 2021 “Vice society (“.v-society”) == HelloKitty (“.crypt”) Linux #Ransomware using OpenSSL (AES256 + secp256k1 + ECDSA).(Sorry can’t portion samples due to victim confidentiality) Whether that also applied to Frederick public Schools remains to live confirmed by the district, but they did acknowledge that their files had been encrypted.