Vice Society Cyberhacker Group Leaks Documents in Gloucestershire School

Andi C., Tech Times 06 January 2023, 12:01 pm

The Vice Society ransomware group, a hacker collective, exposed a significant amount of Personally Identifiable Information (PII) on students and staff at 14 UK universities and schools.

This includes information on students' Special Educational Needs (SEN), scans of students' passports for field trips, and staff contracts and payroll information.

One of those was Pates Grammar School in Gloucestershire. According to Computer Weekly, children's SEN information, child passport scans, employee pay scales, and contact details, which were taken in 2021 and 2022, are all included in the papers that the BBC has access to.

Pates Grammar School, according to a spokesman, takes the security of its systems and data very seriously.

"As we have seen again by the latest attack from Vice Society on both US and UK schools, criminals are increasingly attracted by stores of sensitive student data, as well as financial information, parent and investor details, and, too often, a lack of attention to and investment in cyber security." According to Keiron Holyome.

Latest Vice Society Cyberhacker Attack

According to BBC, an investigation has found that 14 different schools were affected, including Pates Grammar School in Gloucester, which was attacked in September 2022. Although it was initially believed that no data had been exfiltrated, the school informed parents via email five days later that this was not the case.

Here is a list of the following schools that were affected by the cyberattack:

Carmel College, St Helens
Durham Johnston Comprehensive School
Frances King School of English, London/Dublin
Gateway College, Hamilton, Leicester
Holy Family RC and CE College, Heywood
Lampton School, Hounslow, London
Mossbourne Federation, London
Pilton Community College, Barnstaple
Samuel Ryder Academy, St Albans
School of Oriental and African Studies (SOAS), London
St Paul's Catholic College
Sunbury-on-Thames; Test Valley School, Stockbridge
The De Montfort School, Evesham

Pates Grammar School is currently working with forensic experts to look into and examine the data and safeguard its networks, according to a spokeswoman for the school. At this point, they claimed, the affected systems had been brought back online, and the disturbance had been reduced.

As of this writing, there is no information indicating if any of the aforementioned reported victims have paid a ransom. Additionally, the Information Commissioner's Office (ICO) has been informed of the numerous events.

Who Are the Vice Society Ransomware Crew?

According to Unit42, the Vice Society has been involved in a high-profile series of cyberattacks on schools in the UK and the USA. The hacker group allegedly took 500 terabytes of data from the entire Los Angeles Unified School District.

Vice Society first appeared in 2021 and is known to target backups and exfiltrate information from infected systems to be used for double extortion, which is a common ransomware operation strategy in which victims are coerced into paying a set ransom in exchange for decryption and to prevent having sensitive information published on the attacker's dedicated leak site.

Additionally, the FBI has previously issued a warning over the group's activities. Vice Society demands money after data theft, and if no money is given, the documents are leaked.