Security

Hacker demands 30 bitcoins for student data stolen in Snowflake attack

A threat actor is demanding 30 bitcoins worth approximately $2 million for the data of millions of K-12 students after hackers infiltrated cloud-based data firm Snowflake and attempted to extort Ticketmaster and nine other firms.

Cyber security reporters HackManac say the threat actor, known as ‘Sp1d3r,’ is selling data stolen from LASchools.net and Edgenuity.

In the ransom post, Sp1d3r said, “Warning to LASchools/Edgenuity: Pay in 7 days or we leaking student details.”

These details allegedly include names, addresses, demographics, financials, medical information, performance scoring, discipline details, and parent and student login details. Students affected reportedly range from kindergarten to the 12th grade.

A screenshot taken of the bitcoin ransom post by HackManac.

Bloomberg reported that ransoms between $300,000 and $5 million have been demanded from 10 companies that rely on Snowflake’s infrastructure, including Ticketmaster, Advanced Auto Parts, and Santander.

Google’s Mandiant security has attributed Snowflake’s hacking to the group ‘UNC5537’ and is investigating its possible collaboration with ‘Scattered Spider.’

Spanish police arrested the alleged leader of the Scattered Spider group this week. Authorities say the 22-year-old British national is thought to have made roughly 391 bitcoins worth around $26 million, through cybercrime.

Read more: Crypto ransom group LockBit leaks stolen pharmacy staff data

Reports from Wired, however, indicate that Ticketmaster’s data was actually stolen by the hacking group ShinyHunters. The group previously hacked one of India’s biggest crypto exchanges, BuyUCoin.

A senior analyst at the security firm ReliaQuest told Wired over a week ago that it’s unsure if Sp1d3r is legitimate or not. He said, “The threat actor’s profile picture is taken from an article referencing the threat group Scattered Spider, although it is unclear whether this is to make an intentional association with the threat group.”

Source

Click to rate this post!
[Total: 0 Average: 0]
Show More

Leave a Reply

Your email address will not be published. Required fields are marked *