Prince George’s County Public School (PGCPS) was hit by a cyberattack on Aug. 14 that compromised user accounts. Rhysida ransomware group claimed responsibility for the attack and appeared to be auctioning off stolen data from the breach, including passports, driver’s licenses and other confidential information, according to an Aug. 28 Cybernews report.

The school system said that about 4,500 out of 180,000 user accounts were impacted district-wide — and that most were staff accounts. 

In response, the district initiated a password reset for all users and is offering free credit monitoring and identity protection services through Experian. Members of the school community were also urged to check their financial statements and accounts — and to visit the PGCPS website for steps to protect their identity.

“While we have engaged cybersecurity and forensics specialists to conduct a full investigation of the incident, we understand the cyber attack may result in unauthorized disclosure of personal information of PGCPS users,” Superintendent Millard House II said in a Sept. 1 website post.  “Our Division of Information Technology will follow up with impacted users as the investigation continues.”

House became the new head of the state’s second-largest school system this July, following the retirement of Monica Goldson. 

According to the Cybernews article, data from the compromised user accounts were put up for auction on Rhysida’s leak site — for 15 Bitcoin, or approximately $390,000 at that time.

Schools are increasingly targeted for ransomware attacks, according to an Aug. 17 Education Week article, which cites a recent survey by cybersecurity firm Sophos. In the survey, 80% of primary and secondary schools and 79% of higher education institutions reported being the victim of ransomware attacks that either steal data or hold data hostage through encryption. This was a higher rate of attacks than any other industry surveyed and nearly double the rate in 2021