Virginia school district open despite LockBit ransomware attack


A Virginia school district managed to keep classrooms open despite an attack from a notorious Russian ransomware gang.

Fauquier County Public Schools operates 20 elementary, middle and high schools for more than 11,200 students. The county is about an hour from Washington, D.C.

A district spokesperson confirmed to Recorded Future News that it suffered a ransomware attack on September 12 and that it “immediately engaged cybersecurity experts and notified appropriate law enforcement.”

“As soon as we learned of this, we immediately took steps to launch an internal investigation and created an incident response team that includes some of the nation’s leading cybersecurity experts. Fortunately, the impact has been minimal and we are fully operational,” they said.

“At this time, we do not believe any personal information about students or staff has been compromised. We are grateful to our teachers and staff who have remained focused on the education of our students.

The LockBit ransomware gang said Sunday it was behind the attack, giving the school district until Oct. 19 to pay an undisclosed ransom for an unknown amount of data. The school district did not respond to requests for comment on what information might have been taken or whether a ransom would be paid.

Since the start of the school year, dozens of K-12 schools and universities have faced ransomware gang attacks.

Ransomware groups have made a point of targeting schools at the beginning and end of school years, hoping that the pressure of opening day, final exams and graduations will force schools to pay ransoms exorbitant.

Prince George’s County Public Schools — about an hour and a half from Fauquier County — suffered his own attack on August 15 which brought down schools’ email and phone lines.

Over the past two months, ransomware gangs have added dozens of K-12 schools to their leak sites, a continuation of a trend last school year, when schools in Minnesota, Iowa, West Virginia, California, Pennsylvania, New Hampshire, Arizona, Massachusetts and still others have dealt with outages as well as the theft of sensitive student and employee data.

While some faced shutdowns lasting several days, others were able to avoid being seriously affected by attacks.

Ransomware groups.jpeg
Most prolific ransomware groups in September 2023.

The LockBit ransomware gang continues to operate with impunity, remaining the most prolific attackers currently active. The gang is paralyzed a major hospital network in New York, a city in France and an electrical organization managed by the Montreal government, all within the last month.

Get more information with the

Future saved

Intelligence cloud.

Learn more.

No previous articles

No new articles

Jonathan Greig

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Leave a comment