In a recent disclosure, Prince George’s County Public Schools (PGCPS), a school district in the Washington, D.C., suburbs, revealed that the personal information of nearly 100,000 individuals was compromised in a ransomware attack that occurred just before the start of the fall semester.
PGCPS concluded its investigation into the incident earlier this year, as stated in a regulatory filing dated February 16. The investigation confirmed that “personal information was included in the potentially impacted data set,” highlighting the severity of the breach.
The ransomware attack, which was initially discovered on August 14 of last year and promptly reported, resulted in a network outage for the Maryland district, affecting approximately 130,000 students enrolled in the system.
According to PGCPS, the compromised data includes individuals’ names, financial account information, and Social Security Numbers. The breach, which commenced as early as August 3, was exacerbated when the Rhysida ransomware gang reportedly posted PGCPS data on its leak site in November.
The regulatory filing specifies that a total of 99,543 individuals were impacted by the breach in August, although it does not attribute the attack to any specific cybercrime group.
