Hackers post sensitive FCPS information on dark web

The hackers responsible for a ransomware attack on Fairfax County Public Schools last month posted information they stole on the dark web, Superintendent Scott Brabrand announced Oct. 9.

“It appears as though certain personal information for some students and employees may have been impacted,” Brabrand acknowledged. 

According to news reports, that includes a spreadsheet from 2014 listing several hundred employees’ names, Social Security numbers, and a few details about their health insurance, along with student disciplinary letters sent to families. 

“We are working around the clock to identify the information that was taken and will notify impacted individuals as appropriate,” Brabrand said. 

Related story: Fairfax County Schools hit with ransomware attack

A group of cybercriminals, known as the Maze group, claimed responsibility for the attack. Ransomware is a form of malware that is designed to prevent users from accessing files, and in some cases, extract and hold data hostage until a ransom is paid. 

The cyberattack has not disrupted FCPS virtual learning operations nor affected its ability to meet payroll and administrative obligations, Brabrand said. 

“In the midst of all the challenges posed by virtual learning and the pandemic, cybercriminals have been targeting educational systems around the country in an attempt to disrupt their operations,” he said. “FCPS is just one of more than a thousand educational systems to suffer a ransomware attack in the past year. In the past week alone, multiple school districts were reported to be victims of ransomware attacks.”

According to Brabrand, FCPS has implemented several cybersecurity-related enhancements, evaluating additional steps to further harden defenses, and is working with outside security experts, the FBI, and Virginia State Police to investigate the attack.