A ransomware attack that disrupted operations at Mecklenburg County Public Schools (MCPS) in early September has been claimed by the Russian cybercrime group Qilin.
The gang said it stole 305 GB of sensitive data from the southern Virginia district, including financial records, grant documents, budgets and children’s medical files.
Cyber-Attack Shuts Down Schools
MCPS first alerted families to a cybersecurity incident on September 2, 2025. The attack forced teachers offline, leaving them relying on pen, paper and whiteboards for instruction. Internet systems were restored about a week later.
Qilin later published sample images online, which it claimed were part of the stolen files. Superintendent Scott Worner confirmed that the group was behind the attack but stated that the school district is still assessing the extent of the breach.
“We don’t intend to move forward with payment at this time,” Worner said.
“The final decision depends on the findings of the investigation and what files were encrypted and/or stolen.”
He also urged other districts to prepare for cyber-threats.
“It’s not if. It’s when,” he said.
“Whoever your insurance company is, make sure your cybersecurity coverage is up to date.”
Qilin’s Expanding Ransomware Reach
Qilin is a ransomware operation that surfaced in late 2022 and runs as a ransomware-as-a-service network. Affiliates use its malware to launch attacks and share ransom proceeds. The group primarily spreads its malware through phishing emails.
So far in 2025, Qilin has claimed responsibility for 103 confirmed ransomware incidents and 470 unverified ones. Educational institutions have been frequent targets.
Other victims this year include:
- Western New Mexico University
- Botetourt County Public Schools in Virginia
- Fort Smith Public Schools in Arkansas
- Belmont Christian College in Australia
Rising Impact on Education
Data from Comparitech shows at least 33 confirmed ransomware attacks on American schools, colleges and universities in 2025, with another 62 claimed but unverified.
In September alone, districts in Texas and Arizona disclosed new incidents.
The education sector faces unique challenges in responding to breaches, taking an average of 4.8 months to notify affected individuals.
These attacks often cripple essential operations, from attendance and grading to payroll and communication systems, while exposing staff and students to potential identity fraud.