RansomHub claims responsibility for cyber attack on Charleston County School District

This morning, ransomware gang RansomHub claimed responsibility for a recent cyber attack on Charleston County School District, South Carolina. The School District noted ‘suspicious activity’ and system disruption on July 16. Students were able to return to class as planned on August 13.

CCSD provided Comparitech with a statement:

Based upon the investigation into the system disruption on July 16, 2024, Charleston County School District (CCSD) can now confirm our environment was disrupted by unknown actors who acquired data.

 

At this time, we are not aware of any malicious misuse of school data. If it is revealed that sensitive data has been accessed or acquired without authorization, CCSD will make notifications to the impacted individuals and offer resources pursuant to state regulatory requirements.

 

The protection of our staff, students, and community is a top priority for the district management.

 

Unfortunately, malicious actors have been targeting school districts with greater intensity. Our dedicated IT staff and forensic experts have been working diligently to deploy additional measures and toolsets to protect our environment and investigate this incident. We are committed to protecting the sensitive data in our care and will work diligently to address this emerging threat to our nation’s education system.

While CCSD continues its investigations, we highly recommend students and employees remain vigilant for any potential phishing messages and monitor accounts for any suspicious activity.

Who is RansomHub?

RansomHub employs a ransomware-as-a-service model and has recently been linked to the now-defunct ransomware group, Knight. RansomHub has grown in notoriety in recent months, being behind some of the biggest ransomware attacks this year so far. This includes its attack on Rite Aid, the auction house Christie’s, Florida Department of Health, and Frontier Communications Parent, Inc.

To date, we have noted 27 confirmed and 157 unconfirmed attacks via RansomHub.

Ransomware attacks on US schools & colleges

So far this year, we’ve tracked 35 confirmed attacks on the US education sector. This appears to be a significant decline on last year’s figure of 120 in total.

Nevertheless, this latest attack on Charleston County School District joins a number of others confirmed in recent months. This includes Goshen Central School District, Northwest Arkansas Community College, Effingham County Schools, and Gadsden Independent School District. RansomHub was also responsible for the attack on Effingham County Schools.

We have also logged 47 unconfirmed attacks on US schools and colleges this year so far–three of which are claims from RansomHub.

About Charleston County School District

Located within Charleston County, South Carolina, CCSD is home to 80 schools and educates approximately 50,000 students from kindergarten to 12th grade.