LockBit has added Hillsborough County Public Schools in Florida to their leak site today. They claim to have acquired 2 TB of data, and provide a file list and some sample files.
The sample files are routine types of district files. One did contain personal and medically related information on students. The file list suggests there may be a lot of older data in the stolen tranche but not necessarily any student databases with personal or sensitive information.
“Seems that HCPS do not care about their county’s 270 000 students and 17 000 teachers data. We give them 10 days to consider and we will release all data to public after 3 day auction to sell it private,” LockBit threatens.
LockBit’s listing doesn’t specifically mention whether they locked any files or just exfiltrated data, and an earlier statement by the district indicated that at the time (September 5), they had no evidence that any student data had been compromised. The school community was first notified of an incident the last week of August and the FBI has been investigating the matter.