Officials bow to their attackers after losing access to computer networks
A Massachusetts school district that fell victim to a ransomware attack paid cybercriminals $10,000 in Bitcoin to unlock its files.
Leominster school district handed over the huge sum to unknown hackers after the incident in mid-March, which left employees unable to access computer systems.
The malware froze emails and encrypted data on devices across the school network, rendering the computers useless.
In a controversial move, the school board decided to pay the attackers to unlock the files.
The $10,000 payment goes against the overwhelming weight of advice from cybersecurity experts, who have urged victims never to pay a ransom fee.
Wilson Wong, head of IT at the Hong Kong Productivity Council, previously told The Daily Swig why victims shouldn’t give in to cybercriminals.
He said: “We advise victims not to pay the ransom. For a start, there is no guarantee that paying ransom can get back the data.
“Secondly, such action will encourage criminals to carry out more attacks. It also shows the attacker that the victim and their industry would be good targets in the future.”
Contrary to this advice, which is echoed by the US Computer Emergency Readiness Team, NCC Group, and the Canadian Cyber Incident Response Centre, among many others, the city still went ahead with the deal in a bid to retrieve the data.
Massachusetts mayor Dean J Mazzarella confirmed that the FBI is investigating the incident, adding that the attackers were “smart”.
He said: “They are using the best and highest technology. They were just looking for an opening and the system was hacked somehow or another.”
West coast woes
The incident comes as three facilities at California’s Center for Orthopaedic Specialists (COS) were hit by a ransomware attack in the same week.
Around 85,000 patient records were exposed in the attack on the centers in West Hills, Simi Valley and Westlake Village.
Affected data possibly included names, birth dates, addresses, Social Security numbers, and insurance details.
COS said it has notified victims that their data could have been accessed and offered two years’ free credit monitoring services.
The center was just one of the many healthcare providers to have been targeted in recent years.