Numerous K-12 schools across the U.S. have already been impacted by data breaches since early this month, including California-based Glendale Unified School District and Fullerton Joint Union High School District, Montana-based Butte School District, and Washington-based Edmonds School District, reports The Record, a news site by cybersecurity firm Recorded Future.
Such attacks come amid the nearly month-long recovery of Ohio-based Groveport Madison Schools from a ransomware attack in early December, which has been claimed by the BlackSuit ransomware operation that is believed to be the Royal ransomware group's new name. The intrusions also follow the reported discovery of millions of sensitive school records, including incident response plans and student information, as a result of unsecured Raptor Technologies web buckets.
Such a development has already prompted the suspension of Raptor Technologies software usage at District of Columbia Public Schools.
"As Raptor continues its investigation, I want to assure our families that while some districts use Raptor to also store and manage school Emergency Response Plans (ERPs), DCPS is not utilizing this feature. No ERPs for any of our schools were stored within the Raptor platform and therefore they were not accessible," said DCPS Deputy Chancellor Amy Maisterra.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.