Bitcoin Ransom For Student Data: Hacker Demands $2 Million To Prevent Leak

This week, online reports surged of a major data leak involving data from millions of students in the US. The hacker demands a Bitcoin (BTC) payment to prevent the public from leaking sensitive information. The security breach seems to be part of a larger attack on a cloud database.

Student Data At Risk of Being Leaked

On Tuesday, two educational institutions from the US received a warning that sensitive information had been hacked. A hacker known as Sp1d3r announced that the data of over 4 million US students was at risk of being publicly leaked.

The hacker claims to have stolen the information from Los Alamos Public Schools, and Edgenuity, an online learning platform. Seemingly, the information was taken from Edgenuity and LASchools.net’s Snowflake accounts.

It’s worth noting that, despite the hacker’s post stating the information is from Los Angeles Schools, the website cited is from Los Alamos Public Schools, a school district in the Los Alamos area in New Mexico.  

As reported by Bloomberg, the cloud-based data analytics firm suffered a series of “targeted” cyberattacks against Snowflake users without 2-factor authentication (2AF). Per the report, the hackers are demanding payments wavering between $300,000 and $5 million for the sensitive stolen data.

Sp1d3r warned the victims, asking for 30 Bitcoin, around $2 million, or the students’ information would be publicized. The data includes details from millions of minors, kindergarteners to 12th-grade students, and their parents.

Per the list, students names, addresses, financials, discipline, grades, GPAs, and performance scoring were stolen. Additionally, the hacker has the victims’ medical information and the parents’ online login credentials.

The victims have until June 25 to make the payment in Bitcoin. Similarly, the hacker has recently issued a warning to users of the Santander Group Bank, demanding a 30 Bitcoin payment for the data of over 30 million customers in Spain, Chile, and Uruguay.

$27 Million In Bitcoin Made By Hacker Group Leader

The attack on Snowflake’s database has been attributed to the “UNC5537” hacking group by Google’s Madiant security business. Per the investigation, there’s a possibility that the hacking group, which is based in Turkey and the US, collaborated with another group called “Scattered Spider” for their attacks.

The cybercriminal group seemingly consists of young adults aged 19 to 22 in the US and the UK, focusing on data theft and extortion. The hacking group was recently in the news after an alleged ring member was detained in Spain.

Over the weekend, Murcia Today reported that a 22-year-old British was arrested in Palma de Mallorca. The man was detained under suspicion of being Scattered Spider’s ringleader.

According to the report, Spanish authorities collaborated with the FBI to capture the man as he prepared to board a plane to Italy. The suspect entered Spain at the end of May through the Barcelona airport.

The police stated that the detained man had made around 400 Bitcoin, worth $27 million, by stealing sensitive information from companies and selling it.