Ransomware gang BlackSuit, formerly known as Royal, has taken credit for a cyberattack against Georgia's Henry Country Schools in early November, Cybernews reports.
While BlackSuit released a link to download a 135 GB ZIP archive, it did not post any sample files stolen from the school district.
Such claims come days after Henry County Schools Superintendent Mary Elizabeth Davis confirmed that foreign cybercriminals were behind the compromise of its systems that was initially disclosed on the week of Nov. 6. Attackers were able to infiltrate the school district's file storage area with procedural and historical data but not its email systems, student information systems, and financial and HR systems, according to Davis. Operations of essential school services have not been disrupted by the attack but efforts to restore student Chromebook access and implement a district-wide password reset are imminent.
Before Henry County Schools, Royal ransomware was reported to have targeted the City of Dallas and the Lake Dallas Independent School District.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.