BUFFALO, N.Y. (WIVB) – The worst could be yet to come following a ransomware attack against Buffalo Public Schools last March.
School officials now say sensitive personal information was exposed.
By the time buffalo school officials detected their computer network had been hacked, cybersecurity experts suspect the malware had already burrowed deep into the school district’s operating systems.
It is reminiscent of another ransomware attack against ECMC four years ago.
On April 9, 2017- Palm Sunday- ECMC’s emergency department staff noticed their computers were going haywire, so they immediately contacted the hospital’s IT personnel.
“They recognized there was something seriously wrong and they proactively shut down our entire computer system,” said Peter Cutler, VP of communications and external affairs for ECMC said.
The diagnosis was a cyber attack- and Cutler recalled their IT staff recognized the bug as ransomware. The hackers were demanding the equivalent of $50,000 in bitcoin to decipher ECMC’s files.
ECMC did not pay the ransom. As a result, ECMC had to rebuild their computer systems from the ground up, which took months.
“Throughout this whole entire process, no patient information, no patient health information was ever exfiltrated as a result of this ransomware attack,” Cutler added.
The Buffalo Public School District is not commenting on possible ransom demands, but school officials have notified parents student records were exposed.
Vendors’ account information has been compromised, and so have social security numbers and bank account information for teachers.
“What is more disturbing is that we have a feeling that there is a lot more information that is not included in that letter that we are going to probably discover,” said Philip Rumore, president of the Buffalo School District teachers’ union.
Cyber security expert Dave Newell says the hackers stealing student records is about more than their grades.
“They are getting information that has never been used before,” Newell said. “So there is not actually a credit history to check- So it could very well be that student information is ripe for identity theft.”
The hackers that struck ECMC were part of an international crime organization, Cutler told News 4.
Ironically, the ransom would have cost about $50,000- but by refusing to pay, rebuilding the hospital’s computer network cost about $10 million, which was covered by cyber insurance.