
























Grandview School District in Washington this week confirmed it notified 9,414 people of a September 2024 data breach that compromised the following personal info:
Grandview on October 8, 2024 reported an internal server disruption that affected its phone and internet services. Until now, 21 months later, the district didn’t directly notify data breach victims or reveal what data was compromised. For comparison, it takes an average of about four months for most organizations to notify victims of a data breach.
On November 27, 2024, a cybercriminal group called BlackSuit took credit for the breach. BlackSuit said it stole the personal files of employees and students.
Grandview has not acknowledged BlackSuit’s claim and Comparitech cannot independently verify its authenticity. We do not know if the district paid a ransom, how much BlackSuit demanded, how attackers breached the district’s network, or why it took so long to notify victims. Comparitech contacted Grandview School District for comment and will update this article if it replies.
“Through our investigation, we determined that an unknown actor gained access to certain GSD computer systems between September 28, 2024 and October 8, 2024 and was able to view or download certain data,” says Grandview’s notice (PDF) to breach victims.
The district is offering breach victims 12 months of free credit monitoring through CyberScout. The deadline to enroll is 90 days from the date on the notice letter, and you must be at least 18 years old to enroll.
BlackSuit is a ransomware gang that first emerged in April 2023. It has a history of attacking critical industries like healthcare, government, and education. It’s a private operation and doesn’t employ a ransomware-as-a-service business model. BlackSuit often extorts victims both for the decryption key to restore attacked systems and in exchange for not selling or publishing stolen data.
BlackSuit hasn’t claimed any new attacks since June 2025. Prior to that, BlackSuit claimed responsibility for 177 ransomware attacks. Of those, 72 were confirmed by the organizations it targeted.
13 of BlackSuit’s confirmed attacks hit schools, colleges, and other educational institutions. They include:
Comparitech researchers logged 83 confirmed ransomware attacks on schools, universities, and other educational institutions in 2024. Those attacks compromised 3.72 million records.
We recorded 56 such attacks in 2025 and 12 so far in 2026.
Other recently-confirmed data breaches resulting from ransomware attacks on US schools and colleges include:
Ransomware attacks on schools can both steal data and disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Schools that refuse to pay can face extended downtime, permanent data loss, and putting students and faculty at increased risk of fraud.
Grandview School District consists of three elementary schools, a middle school, a high school, and a learning center. It enrolls 3,644 students, according to its website.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。