Clover Park School District

Clover Park School District fell victim to a ransomware attack in May 2021.

The threat actor demanded $350,000 in monero and after the school refused to pay they began dumping data.

They dumped a number of folders containing employee/personnel information and also a folder labeled Students containing little student-related personal information.

The information on employees or former employees included exit interviews and approximately 50 files with disciplinary actions about named employees and some with plans of improvement or probationary information on named employees.

After the investigation, the district notified 1,583 people about the breach and offered them 12 months of credit monitoring services.

Source: https://www.databreaches.net/update-clover-park-school-district-notifies-1583-impacted-by-ransomware-incident/

TPRM report: https://www.rankiteo.com/company/clover-park-school-district

"id": "clo12424822",
"linkid": "clover-park-school-district",
"type": "Ransomware",
"date": "5/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': 1583,
                        'industry': 'Education',
                        'name': 'Clover Park School District',
                        'type': 'Educational Institution'}],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 1583,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Employee/personnel information',
                                              'Student-related personal '
                                              'information']},
 'date_detected': 'May 2021',
 'description': 'Clover Park School District fell victim to a ransomware '
                'attack in May 2021. The threat actor demanded $350,000 in '
                'monero and after the school refused to pay they began dumping '
                'data. They dumped a number of folders containing '
                'employee/personnel information and also a folder labeled '
                'Students containing little student-related personal '
                'information. The information on employees or former employees '
                'included exit interviews and approximately 50 files with '
                'disciplinary actions about named employees and some with '
                'plans of improvement or probationary information on named '
                'employees. After the investigation, the district notified '
                '1,583 people about the breach and offered them 12 months of '
                'credit monitoring services.',
 'impact': {'data_compromised': ['Employee/personnel information',
                                 'Student-related personal information']},
 'motivation': 'Financial',
 'ransomware': {'data_exfiltration': True,
                'ransom_demanded': '$350,000',
                'ransom_paid': 'No'},
 'response': {'communication_strategy': 'Notified affected individuals and '
                                        'offered 12 months of credit '
                                        'monitoring services'},
 'title': 'Clover Park School District Ransomware Attack',
 'type': 'Ransomware'}