Manhasset Schools: Hackers posted stolen district files to dark web

Hackers who demanded but did not receive ransom payments from Manhasset schools last month posted stolen district files to the dark web, according to the acting superintendent of schools.
“We were notified that yesterday, the criminals posted certain files to the dark web that they stole from our servers. We are currently reviewing these files, and we will provide direct notification, in accordance with applicable laws, to any individual whose personal information was potentially acquired by these criminals,” according to a letter dated Oct. 18 from Dr. Gaurav Passi.
Passi says he alerted law enforcement and “worked with cybersecurity experts” once the ransomware was found last month.
“Due to security updates completed by our network engineers and IT staff that included network segmentation, we were able to restore our computer systems from backups. As such, the district did not make any ransom payment to the criminals,” the letter says.
Cybersecurity experts say that was the right move by the district.
“Paying a ransom does not mean that they’re going to not put up your data,” says Adam Schwam of Sandwire Technology Group. “All that means is you paid a ransom and they could come around and say, ‘Well, we want more money.’ In essence, hold you hostage, it’s not enough. And this is what has happened.”
Meanwhile, those in the area say security may have to be tightened up.
“I know they have firewalls up, I guess they’re going to have to develop stronger ones,” says Island Park resident Laurie Sarro.
Those who were affected by the dark web leak would be directly notified, according to Passi, who encouraged everyone to “remain vigilant by regularly reviewing your credit reports and financial account statements for any unauthorized activity.”
“Our District was the victim of a criminal enterprise, and we understand how upsetting this is for our community. Unfortunately, ransomware attacks have been on the rise. We are one of the latest victims in this growing trend which has targeted other school districts, hospitals, and municipalities across the country. The district takes data security very seriously, and we are implementing several additional measures to enhance our security in an effort to prevent an incident like this from reoccurring in the future.”
The district also says it will provide complimentary credit monitoring for people whose data was stolen.
Other school districts have also recently been attacked by ransomware hackers, including North Babylon in 2020 and Rockville Centre in 2019.