Hackers post files after Broward school district refuses to pay ransom

BROWARD COUNTY, Fla. – Hackers who sought $40 million in ransom from the Broward County Public School District, which refused to pay, have now published nearly 26,000 stolen files.

The South Florida Sun Sentinel reports many of the files contain Broward School District accounting and financial records.

That includes invoices, purchase orders, and travel and reimbursement forms.

So far the files examined by the newspaper haven’t contained Social Security numbers.

The international malware group Conti posted the files Monday after the district announced March 31 it had no intention of paying a ransom.

Officials say they’re analyzing the posted content to determine what further action is needed.

In a letter sent several weeks ago to employees, a BCPS representative wrote that the service disruption experienced in early March was caused “by unauthorized activity on their computer network.” BCPS also alleged that their core functions were not impacted.

“We have no intention of paying any ransom,” the letter to employees said. “Our investigation is ongoing, and we have no evidence that any individuals’ personal information has been accessed or removed from our network or compromised in any way.”

Below is the statement the school district released Tuesday:

“Broward County Public Schools (BCPS) is aware of the recent actions taken by the criminals who breached our system. With the assistance of outside experts, the District has implemented a plan to analyze the content to determine what further action is necessary. BCPS will make all the necessary notifications, based on the analysis of the data. Cyber security experts are continuing to investigate the incident and enhance measures system-wide. To address concerns regarding this incident, the District has placed a Frequently Asked Questions section on the homepage of our website, www.browardschools.com.”

Information technology expert Patrick Dyer told Local 10 News it’s all about having the right technology, people and processes in place.

He calls ransomware one of the greatest threats in modern history.

“I have a high degree of confidence that what happened could have been prevented,” Dyer said. “What I’m seeing is a lot of these organizations, unfortunately, don’t really understand the risk posture.”

But it turns out they do in the Broward County school district.

The district’s head of information technology talked about it at the last school board meeting.

“I don’t think I am betraying any sensitive security information by saying that this organization is attacked by malware easily in the several thousands of times a year,” said Phillip Dunn, Broward Schools Chief Information Officer.

Yet in Broward schools, he says funding for IT has dropped 20%. So he’s asking for $5.6 million, which would include funding for six additional staffers.

The FBI does not support paying a ransom in response to ransomware gang attacks because paying it doesn’t guarantee an organization will get any data back and it perpetuates the incentive.