A ransomware attack hit the IT systems of London-based nonprofit multi-academy trust Harris Federation on Saturday, March 27.
Harris Federation is a multi-academy trust of 50 primary and secondary academies in and around London educating more than 36,000 students.
Once discovered the ransomware infection, the IT staff at the nonprofit organization has taken its systems offline along with the email and landline phone systems, and students’ devices. All the phone calls were being redirected to mobile phones.
“A ransomware attack means that cyber-criminals have accessed our IT systems and encrypted, or hidden, their contents.” reads a statement published by the organization. “This is a highly sophisticated attack that will have significant impact on our academies but it will take time to uncover the exact details of what has or has not happened, and to resolve”
Harris Federation is investigating the incident with the support of the National Crime Agency, the National Cyber Security Centre, and experts from a cybersecurity firm.
The nonprofit organization declared that at least another three multi-academy trust to have been targeted in March.
All Harris Federation’s schools will finish the current term on Wednesday 31st March except for ten academies that will finish on April 1st.
During the past months, we have observed a significant increase in targeted ransomware attacks against education institutions.
Two weeks ago, the FBI has issued an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices…
Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors…
A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its…
Signal implements new screen security on Windows 11, blocking screenshots by default to protect user…
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included…
This website uses cookies.
