This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| less than a minute read

Arizona Schools Hit with Ransomware Attack and Lose Sensitive Information

Starting in January and continuing through at least mid-April, the schools of Arizona have been dealing with a ransomware attack and its consequences. Data from the attack has been posted widely on the "dark web" and undoubtedly caused headaches for personnel and parents alike.  

Why It Matters

Schools make uniquely interesting targets both because they often do not have the budget to improve security, and because they hold a wide variety of valuable information including HR records, health details on employees and students, Social Security Numbers, and more. Whatever the reason for attacking them, the loss of sensitive information by a school may create greater exposure down the road than the actual costs of remedying the actual attack. Schools are urged to find ways to limit the accessibility of personnel and student records to outside attack. Likewise, all organizations, regardless of industry, are urged to recognize that HR and customer records may be extremely valuable to thieves.  Planning for protection, including how to respond to an incident, is a good policy.  

But Bloomberg News found that cybercriminals made off with gigabytes of files, containing tens of thousands of current and former employees’ Social Security numbers and other confidential records. They then uploaded the information in February to the dark web for anyone to access with an easily downloadable browser. The data were still accessible as recently as April 17.


data security and privacy, hill_mitzi, insights, youth services law