The Clark County School District (CCSD) successful Nevada is dealing pinch a perchance monolithic information breach, arsenic hackers email parents their children's' information that was allegedly stolen during a caller cyberattack.
CCSD is nan 5th largest schoolhouse territory successful nan US, pinch complete 300,000 students and 15,000 teachers.
On October 16, CCSD confirmed it suffered a cyberattack earlier this month, stating threat actors gained entree to nan district's email servers.
"On astir October 5, 2023, Clark County School District ("CCSD") became alert of a cybersecurity incident impacting its email environment," reads a statement from nan Clark County School District.
"Upon discovering nan incident, CCSD instantly engaged a squad of forensic experts to analyse nan incident and guarantee that CCSD operates wrong a safe and remediated email environment. CCSD is besides cooperating pinch rule enforcement's investigation."
"Thus far, nan investigation revealed that nan unauthorized statement accessed constricted individual accusation related to a subset of students, parents, and employees. CCSD is moving diligently to place each individuals whose accusation was impacted by this incident."
In consequence to nan attack, CCSD abnormal entree to its Google Workspace from outer accounts and has forced reset each student's passwords.
Since then, things person taken a move for nan worse, pinch parents reporting they are receiving emails from nan threat actors warning that their child's information was leaked.
"I'm truthful sorry to show you this but unluckily your backstage accusation has been leaked. You should astir apt alteration your accusation successful CCSD systems if that is possible," sounds an email titled "CCSD Leak" seen by the Las Vegas Review Journal.
"There are complete 200,000 student profiles for illustration this which person been leaked now by nan hackers. Be observant retired there. Don't sprout nan messenger!"
According to a study from KSNV News 3 Las Vegas, these emails include PDF files that contain students' stolen data, including student photos, addresses, student ID numbers, and email addresses,
Both students and parents are upset and frightened that nan threat character has their information and could perchance usage it for different malicious purposes, specified arsenic personality theft aliases further phishing attacks.
BleepingComputer contacted CCSD connected Friday but did not person a consequence arsenic they were closed for nan Nevada Day holiday.
SingularityMD hackers claim attack
According to a detailed study by DataBreaches.net, nan hackers down nan Clark County School District breach telephone themselves 'SingularityMD' and person already begun to leak what they declare is nan information for 200,000 CCSD students.
The threat actors contacted DataBreaches.net to stock accusation astir nan attack, including a nexus to a "statement" that contains URLs for allegedly stolen data.
"We SingularityMD (the hack team), would for illustration to make a connection for clarification. CCSD did not observe a information issue, we emailed them to show them we had been successful their web for a fewer months," sounds a statement by nan hackers connected a code-sharing site.
"For 6 years they forced students to usage their day arsenic their password, resetting nan passwords backmost to their commencement day each year, they moreover prevented nan students from securing their accounts."
"We asked for little than 1 3rd of nan Jesus F Jara's yearly net successful speech for destroying nan stolen data. The callousness and incompetence of nan activity astatine CCSD is astounding, not only did they not cooperate, it is clear they did not pass pinch principals and person still not plugged their leaky ship, meaning we still person entree to nan network."
This statement contains links to leaked information archives hosted connected acheronian web and clearweb sites, containing what nan hackers declare is nan individual information of 200,000 students.
This information allegedly contains student's emails, commencement dates, ethnicity, PSAT scores, wellness information, suspensions, incident reports, and different information.
The threat actors besides leaked what they authorities are financial reports, unit salaries, and assistance accusation from the district.
DataBreaches.net examined immoderate of nan leaked data and said it looks legitimate, but CCSD has not responded to their emails to verify if nan information belongs to them.
However, parents who received immoderate of nan leaked information person already verified that nan accusation belongs to their children, adding legitimacy to nan leaks.
At this time, nan threat actors declare to still person entree to CCSD's systems and person much information that they will leak if nan schoolhouse territory does not salary an extortion demand.
"One last extremity for CCSD, we will proceed to origin problem until you pay, aliases you yet footwear america retired of your network," concluded nan threat actor's post.
BleepingComputer has been incapable to verify if nan attacker's claims of still having entree to CCSD systems are true.
Furthermore, it should beryllium noted that SingularityMD is not related to nan AI level nether nan aforesaid name.