Welcome surprise: threat actors give victim school district a free decryptor.
On November 23, DataBreaches.net reported that Avos Locker threat actors had added Beaverhead County High School in Montana to their leak site. At the time, this site reported:
From their listing, Avos Locker is clearly aware that this is a tiny school district with only a few hundred students and less than two dozen teachers. And yet they are trying to ransom them. Avos writes: “If they refuse to negotiate, we will leak all the data we’ve got.”
DataBreaches.net sent an inquiry to Avos Locker that included asking them why they were trying to extort a small public school but received no reply at the time. Indeed, neither BCHS nor the threat actors responded to my inquiries, but I heard informally through another journalist that Avos Locker was not happy with this site’s reporting on the matter. [Note: DataBreaches.net may have discovered a way to bring threat actors and victims together on common ground: they all hate my reporting.]
In this case, I do not know whether Avos Locker thought I reported inaccurately, whether they were ticked off that I called them out publicly for going after a small school, or what triggered their displeasure, but yesterday, I was pleasantly surprised to receive an email from Avos Locker that simply said:
Hey, the high school was given a free decryptor and their data was removed from our page.
That is certainly welcome news. I asked Avos Locker if they would like to say more about what happened and why they turned around and tried to help the district recover, but have not heard back by the time of this publication.
Nor has this site heard back from the district administrators this site reached out to ask for comment on this development.
This post will be updated if any replies are received.