Pembina Trails School Division Ransomware Claimed by Rhysida, Breach Forum Vendor Offers Data for 15 BTC
Published on February 1, 2025
- Rhysida ransomware group claimed the Pembina Trails School Division cyber attack.
- Stolen data allegedly from the school division has been offered on sale on breach forums.
- A vendor is offering to sell the data for 15 BTC with a deadline of 6 days.
The ransomware attack on Pembina Trails School Division that serves over 35 schools has been claimed by the Rhysida ransomware group on January 31.Â
TechNadu found images of passports with photographs, names, gender, place of birth and other sensitive information posted on the dark web.Â
We wrote to Pembina Trails Division School for a statement regarding the ransomware group’s claim and the images. We will update this report after receiving a response from them.Â
Based on the dark web post found by researchers, a cybercriminal vendor is offering the stolen data from the Pembina Trails School Division for 15 BTC with a time limit of 6 days.
The cyber incident was detected by the school division authorities on December 2, 2024. As a result of the network system interruption, some of the systems, and phones were left offline.Â
Payroll systems were temporarily taken offline. However, schools were still open with regular classes getting conducted.Â
The next day the division posted about the phone lines being made accessible. In a later update posted on December 10, they stated that there were no indications of databases with personal information of students or staff being exposed.Â
A more recent update made on January 23 stated that student information and payroll data was accessed by unauthorized third-party.Â
Despite the incident, the IT department restored the divisional and in-school devices allowing regular school operations.Â
The database contains records of students who were part of the Pembina Trails School Division from 2014 to December 2, 2024.Â
Related
Most Popular
Most Popular