Ransomware group RansomHub today claimed responsibility for a cyber attack on Effingham County Schools in Springfield, GA.
Effingham County Schools announced a cyber attack occurred on July 18, 2024 on the district’s website, but that announcement was later removed. The screenshot below was taken from an archived version of the website.
The District hasn’t yet disclosed whether it paid a ransom, what data was compromised, whether its systems were encrypted, or how attackers breached its systems. It has not verified RansomHub’s claim. Comparitech contacted Effingham County Schools for comment and will update this article if it responds.
Who is RansomHub
RansomHub employs a ransomware-as-a-service model in which affiliates pay to launch attacks using RansomHub’s malware and infrastructure. The group has been linked to a now-defunct ransomware group, Knight.
Comparitech researchers logged 20 confirmed ransomware attacks claimed by RansomHub so far in 2024, compromising more than 3 million records. Only one other confirmed RansomHub attack was in education: an attack Hong Kong College of Technology that affected 8,100 records.
We further tracked 126 unconfirmed attacks claimed by RansomHub, five of which were in the education sector.
Ransomware attacks on US schools
Most ransomware attacks encrypt data on target computer systems. Those systems become unusable until a ransom is paid to decrypt them. Many ransomware attacks also steal data and send it to the attacker. That data can then be held for additional ransom, under threat of selling it or releasing it to the public.
Ransomware attacks on schools can disrupt operations in and out of the classroom, from grades and assignments to payroll and administration. Schools might be forced to cancel classes or revert to pen and paper until systems are restored.
So far in 2024, Comparitech recorded 28 confirmed ransomware attacks on US schools, affecting 24,054 records. This is a significant decline from 2023 — 113 attacks affecting 2,565,418 records.
The average ransom for a US school is just under $495,000.
Other ransomware attacks on US schools this month include Goshen Central School District and Northwest Arkansas Community College (NWACC).
Comparitech also logged 48 unconfirmed ransomware attacks on US education this year so far.
About Effingham County Schools
Effingham County Schools is a public school district that serves the cities of Springfield, Guyton, and Rincon in Georgia. It enrolls about 14,000 K-12 students and employs about 1,300 people. The District is comprised of eight elementary schools, three middle schools, two high schools, and three academies:
- Blandford Elementary School
- Ebenezer Elementary School
- Guyton Elementary School
- Marlow Elementary School
- Rincon Elementary School
- Sand Hill Elementary School
- South Effingham Elementary School
- Springfield Elementary School
- Ebenezer Middle School
- Effingham County Middle School
- South Effingham Middle School
- Effingham County High School
- South Effingham High School
- enCompass Academy
- Effingham College & Career Academy
- Crossroads Academy