The American educational institution Los Alamos Public Schools and the educational platform Edgenuity suffered from a serious data leak that affected more than 4 million students. The hackers demanded a reward of 30 BTC.

The breach of school accounts occurred in the Snowflake database. A hacker known as Sp1d3r took advantage of the lack of two-factor authentication (2AF).

The stolen data includes names, addresses, financial data and student grades. In addition, the attacker has medical information of students and credentials of parents. The hacker threatened to publish this confidential data if he did not receive a ransom of 30 bitcoins (about $2 million) within seven days.

Google Madiant security experts attribute the attack on the Snowflake database to the hacker group UNC5537. There is a possibility that this hacker group, based in Turkey and the United States, interacted with the Scattered Spider hacker group. The group of cybercriminals consists of young people aged 19 to 22 from the US and UK, specializing in data theft and extortion.

Recently, a 22-year-old British man, an alleged member of Scattered Spider, was detained in Palma de Mallorca with the assistance of the US Federal Bureau of Investigation (FBI). Spanish police caught the young man as he prepared to board a plane to Italy. According to law enforcement, the detainee earned about 400 BTC worth $27 million by stealing confidential information from companies.

Let us recall that in 2020, a member of the famous hacker group The Dark Overlord received five years in prison for stealing confidential data and demanding ransom in bitcoins.