Hesperia Unified School District in San Bernardino County, California today notified an undisclosed number of people about a May 2024 data breach that compromised names, Social Security numbers, and driver’s license numbers.
Ransomware group LockBit claimed responsibility for the attack and gave the school district until June 3, 2024 to pay an undisclosed sum of money.
The schools’ notification (PDF) specifically states employee information might have been accessed by an unauthorized party, so student data might not be impacted. In addition to the data mentioned above, some files contained health insurance and medical information.
We don’t yet know how many people are affected by the breach, whether the school district has paid or will pay the ransom, which systems were affected, or how attackers breached the district’s network.
Comparitech contacted Hesperia Unified School District for comment and will update this article if it responds.
We recommend victims take advantage of the free credit monitoring and ID theft protection offered by the school district via Experian. Monitor your credit report, bank statements, and medical bills for signs of fraud.
Who is LockBit?
LockBit is one of the most prolific ransomware gangs of recent years after first appearing in 2019. The group is most likely based in Russia.
LockBit often extorts victims twice: once for a decryption key to restore systems that its malware has encrypted, and again in exchange for not selling or publicly releasing stolen data.
Comparitech has logged 45 confirmed attacks claimed by LockBit so far this year, affecting 165,367 records. 11 of those attacks were against the education sector, six of which occurred in the United States:
- Clackamas Community College
- Groton Public Schools
- Central School District 13J
- Township of Union Public Schools
- Ewing Marion Kauffman School
- Hesperia Unified School District
LockBit has claimed a further 360 unconfirmed attacks this year, 21 of which are on the education sector.
In 2023, LockBit was also responsible for attacks on White Settlement Independent School District, Olympia Community Unit School District 16, University of Health Sciences and Pharmacy, Hillsborough County Public Schools, Fauquier County Public Schools, Río Hondo College, William Jewell College, Greensboro College, Atlanta Technical College, and Virginia Union University.
Ransomware attacks on US education
In addition to data theft, ransomware attacks can lock up critical computer systems and networks, forcing schools to resort to pen and paper, and in some cases even cancel classes until systems are restored.
Comparitech has logged 20 confirmed ransomware attacks on US schools and colleges so far in 2024, affecting 24,054 records. In 2023, we recorded 109 such attacks, affecting 2,014,576 records.
About Hesperia Unified School District
Formed in 1987, the San Bernardino County school district consists of three high schools, three middle schools, 12 middle schools, five charter schools, two continuation schools, three choice schools, two alternative schools, and one adult education school. It has about 22,000 students and 1,150 staff, according to external sources.