Wootton Upper School was targeted by the Hive ransomware group, which managed to encrypt all of the organisation's servers.
The group exfiltrated sensitive data such as home addresses, bank details, medical records and students’ psychological reviews.
The group also threatened to post the sensitive data unless the school paid £500,000.
However, Wootton management decided to move on with their plan: they refused to pay the ransom and started to rebuild their network on their own.
TPRM report: https://scoringcyber.rankiteo.com/company/wootton-upper-school
"id": "woo235861222",
"linkid": "wootton-upper-school",
"type": "Ransomware",
"date": "07/2022",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Education',
'name': 'Wootton Upper School',
'type': 'Educational institution'}],
'attack_vector': 'Unknown',
'data_breach': {'data_encryption': True,
'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['home addresses',
'bank details',
'medical records',
'students’ psychological '
'reviews']},
'description': 'Wootton Upper School was targeted by the Hive ransomware '
'group, leading to encryption of all servers and exfiltration '
'of sensitive data.',
'impact': {'data_compromised': ['home addresses',
'bank details',
'medical records',
'students’ psychological reviews'],
'systems_affected': 'All organization servers'},
'motivation': 'Financial gain',
'ransomware': {'data_encryption': True,
'data_exfiltration': True,
'ransom_demanded': '£500,000',
'ransomware_strain': 'Hive'},
'response': {'remediation_measures': 'Rebuilding the network'},
'threat_actor': 'Hive ransomware group',
'title': 'Ransomware Attack on Wootton Upper School',
'type': 'Ransomware'}