Rhysida hackers send £1.2m ransom letter to Fylde Coast Academy Trust and threaten to release personal data

Rhysida ransomware group is demanding a ransom of £1.2million after breaching Fylde Coast Academy Trust's IT systems and stealing confidential and personal dataRhysida ransomware group is demanding a ransom of £1.2million after breaching Fylde Coast Academy Trust's IT systems and stealing confidential and personal data
Rhysida ransomware group is demanding a ransom of £1.2million after breaching Fylde Coast Academy Trust's IT systems and stealing confidential and personal data | National World
A global hacker gang is demanding a ransom of £1.2million from Fylde Coast Academy Trust, as it threatens to sell personal data stolen from its IT systems on the dark web.

The criminal gang infected its IT network with ransomware, leaving all 10 of its schools with limited access to computers, laptops, printers and even photocopiers.

Hide Ad
Hide Ad

Affected schools include Blackpool’s Armfield, Aspire, Montgomery and Unity high schools and Gateway, Mereside, Westcliff and Westminster primary schools. Hambleton Primary Academy and Garstang Community Academy are also affected.

Rhysida ransomware group is demanding a ransom of £1.2million after breaching Fylde Coast Academy Trust's IT systems and stealing confidential and personal dataRhysida ransomware group is demanding a ransom of £1.2million after breaching Fylde Coast Academy Trust's IT systems and stealing confidential and personal data
Rhysida ransomware group is demanding a ransom of £1.2million after breaching Fylde Coast Academy Trust's IT systems and stealing confidential and personal data | National World

Rhysida has targeted many organisations around the world, including its infamous attack on the British Library in 2023, and counts the Chilean army and Seattle International Airport among its victims.

In July, it held the city of Columbus, Ohio to ransom and followed through on its threats, releasing over 3 TB of data onto the dark web, after an attempt to extort $1.7million from the city.

Dean Logan, CEO of FCAT, did not say whether the breach led to any safeguarding leaks or breaches of GDPR, but the hackers have now confirmed this fear.

Hide Ad
Hide Ad

Rhysida has demanded a substantial sum of money from the Trust, and we can now confirm this ransom is 20 BTC (bitcoin) - equivalent to £1.2million.

The gang has told the Trust it now has until next Tuesday (November 12) to hand over the eye-watering sum, otherwise it has threatened to sell personal data to other crime groups or make it publicly available online.

It is also threatening to permanently block access to the Trust’s systems if the ransom is unpaid.

Hide Ad
Hide Ad
The criminal cyber gang has told the Trust it now has until next Tuesday (November 12) to hand over the eye-watering sum, otherwise it has threatened to sell personal data to the highest bidder or make it publicly available online.The criminal cyber gang has told the Trust it now has until next Tuesday (November 12) to hand over the eye-watering sum, otherwise it has threatened to sell personal data to the highest bidder or make it publicly available online.
The criminal cyber gang has told the Trust it now has until next Tuesday (November 12) to hand over the eye-watering sum, otherwise it has threatened to sell personal data to the highest bidder or make it publicly available online. | The Gazette

The hackers claim to have exfiltrated data including confidential information and personally identifiable information (PII) from the Trust’s servers. This allegedly includes driving licences, photographs, addresses and other personal data.

In a post on its dark web marketplace on Tuesday, the criminal group warns it will sell the data to the highest bidder.

It said: “With just 7 days left on the clock, seize the opportunity to bid on exclusive, unique and impressive data. Open your wallets and be ready to buy exclusive data.”

Hide Ad
Hide Ad
Dean Logan, CEO of Fylde Coast Academy TrustDean Logan, CEO of Fylde Coast Academy Trust
Dean Logan, CEO of Fylde Coast Academy Trust

What does Fylde Coast Academy Trust say?

We asked the Trust’s CEO Dean Logan how the Trust was responding to the threat, whether it intended to pay the ransom, and whether any funds had already been transferred to the gang.

If FCAT does not pay the ransom, we asked what other options the Trust has to avoid the hacked data being sold or shared online. We also enquired whether IT systems have been restored and whether the ransomware been successfully removed.

Mr Logan, the head of the academy trust, did not address these issues but sought to reassure parents, staff and stakeholders that efforts were ongoing to tackle the impact of the cyber attack.

He said: "Fylde Coast Academy Trust have taken and will continue to take all appropriate and necessary steps to mitigate the impact of the cyber attack on stakeholders of the organisation."

Lancashire Police were approached for comment.

Related topics:
News you can trust since 1873
Follow us
©National World Publishing Ltd. All rights reserved.Cookie SettingsTerms and ConditionsPrivacy notice