Multiple schools, such as Pates Grammar School in Gloucestershire and the School of Oriental and African Studies in London, confirmed they faced cyber attacks in September 2022. During that same month, Vice Society also carried out a massive ransomware attack against the Los Angeles school district (LAUSD), the second-largest school district in the United States. The BBC unveiled the dark web leak early on Friday and analyzed the documents Vice Society stole from Pates Grammar School.
Pates School Attack Timeline
According to the BBC’s analysis, the Pates Grammar School faced a cyber incident on Sept. 28, 2022, that knocked its IT systems and phone lines offline. Consequently, the school informed parents about the events and set up a Gmail address for communication. On Oct. 7, the headteacher wrote to parents confirming that the cybercriminals had carried out an attack on the school. At the time, the headteacher said that there was no evidence the malicious actors had stolen any personal information. However, five days later, the school informed parents that the actors did, in fact, steal data and post it on their dark web site. According to the BBC, the attackers gained access to the documents with relative ease. “The documents stolen from Pates Grammar School were comprehensive, with hackers taking documents using generic search terms,” the BBC reported. “One folder marked ‘passports’ contains passport scans for pupils and parents on school trips going back to 2011, whereas another marked ‘contract’ contains contractual offers made to staff alongside teaching documents on muscle contractions.” They found another folder titled “confidential,” which contained information on the headmaster’s salary and student bursary fund receipts.
Statements from Other Affected Schools
The School of Oriental and African Studies, London, said the hackers stole 18,680 files, including staff contracts and budget details. “We notified staff and students of the incident, and while we were able to prevent the incident escalating, it resulted in a small, limited data breach of files on internal storage,” a SOAS spokesperson said. “The individuals affected have been contacted, and we are continuing to offer support as required.” Another victim school, the Lampton School in London, issued the following statement: “Teachers were aware of the breach but we did not inform them of the data that was stolen. The ICO did not tell us to notify the data subjects. We blocked remote access to all but a small number of staff with two-factor authentication, and all our passwords have been reset.” Below is a list of the affected schools according to Vice Society’s leak site:
Carmel College, St Helens Durham Johnston Comprehensive School Frances King School of English, London/Dublin Gateway College, Hamilton, Leicester Holy Family RC + CE College, Heywood Lampton School, Hounslow, London Mossbourne Federation, London Pates Grammar School, Gloucestershire Pilton Community College, Barnstaple Samuel Ryder Academy, St Albans School of Oriental and African Studies, London St Paul’s Catholic College, Sunbury-on-Thames Test Valley School, Stockbridge The De Montfort School, Evesham