Hackers are sharing more private information after hacking a Virginia public school system’s computer system.
Several hundred Fairfax County Public Schools employees’ names and Social Security numbers are now floating around the dark web.
In September, a criminal internet hacker group called Maze claimed to have stolen personal data from inside FCPS’ computer system. On the dark web, Maze showed a link to download a handful of the stolen documents, including letters from the school system to parents discussing disciplinary actions with their students. The hackers claimed to have a lot more and threatened to release it unless they were paid a ransom.
A couple of days later, those documents were pulled off the website. A cybersecurity expert said that typically happens when the victim — in this case, FCPS — begins ransom negotiations with the criminals.
FCPS confirmed it hired cybersecurity experts and said the FBI was investigating the attack.
The hackers released more private information Friday, and this time it's much more dangerous to FCPS employees, a cybersecurity expert said.
One of the newly leaked documents is a spreadsheet from 2014 listing several hundreds of employees' names, Social Security numbers and a few details about their health insurance.
A cybersecurity expert says every one of those employees is at risk of identity theft.
"Besides providing people with the resources and tools they need to protect themselves against data theft, there is really not much that the District can do,” said Brett Callow of software company Emsisoft. “The data has been posted. Other people may have downloaded it and may use it for nefarious purposes."
The hacking incident did not disrupt distance learning for students.
FCPS sent News4 the following statement:
"Fairfax County Public Schools (FCPS) – like many other school systems around the country – was a victim of a sophisticated ransomware attack. The cyber criminals gained access to some of our servers but did not disrupt our virtual learning operations. After learning of the incident, FCPS quickly took action to contain the threat, secure systems, and restore affected servers. As a result, FCPS was able to start the school year without any delays.
"We are investigating the incident and have retained leading outside security experts to determine the nature and scope of the incident. We are working closely with the FBI and Virginia State Police and supporting their own investigations to bring the criminals to justice. At this time, our ongoing investigation has revealed that certain personal information for some students and employees may have been impacted. We want to be clear that while our investigation progresses, our focus will remain on delivering a safe, productive virtual learning environment to all of our students. We are working around the clock to identify the information that was taken and will notify impacted individuals as appropriate.
"We have implemented several cybersecurity-related enhancements and are continuing to evaluate additional steps that may be taken to harden our defenses. Maintaining continuity of school for our students, faculty and staff, along with safeguarding their data, are our top priorities."