Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyber Insurance

Online Learning Company K12 Paying Ransom Following Ransomware Attack

Online learning solutions provider K12 Inc., which recently announced changing its name to Stride Inc., said on Monday that it had decided to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware.

Online learning solutions provider K12 Inc., which recently announced changing its name to Stride Inc., said on Monday that it had decided to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware.

The company said it recently detected unauthorized activity on its network. The attackers deployed a piece of ransomware and accessed information stored on some corporate back-office systems. This includes student and employee information, but Stride has yet to determine exactly what type of information has been compromised.

Stride pointed out that the attack did not disrupt its learning management system, nor any major corporate systems — it claimed accounting, payroll, procurement, enrollment and shipping systems remained operational. It also claimed that data on the learning management system was not accessed during the breach.

However, due to the fact that the attackers did manage to obtain some information, the company has decided to pay them.

“We carry insurance, including cyber insurance, which we believe to be commensurate with our size and the nature of our operations. We have already worked with our cyber insurance provider to make a payment to the ransomware attacker, as a proactive and preventive step to ensure that the information obtained by the attacker from our systems will not be released on the Internet or otherwise disclosed,” Stride said on Monday.

It added, “While there is always a risk that the threat actor will not adhere to negotiated terms, based on the specific characteristics of the case, and the guidance we have received about the attack and the threat actor, we believe the payment was a reasonable measure to take in order to prevent misuse of any information the attacker obtained.”

It’s currently unclear what type of ransomware was used in the attack and how much the company is paying to the cybercriminals. SecurityWeek has reached out to Stride for more information and will update this article if the company responds.

The company does not expect the incident to have a material impact on its operations or financial results. It has also created a team of data security compliance advisors, which includes former US Attorneys and Attorneys General, to guide its response to the incident, including in terms of compliance with federal and state laws.

Advertisement. Scroll to continue reading.

The U.S. Department of the Treasury recently issued an advisory to warn companies that facilitate ransomware payments of the potential legal implications resulting from dealing with sanctioned entities.

A cybersecurity company reported last year that K12 had exposed a database containing nearly 7 million student records.

Related: Eurofins Scientific Paid Up in Response to Ransomware Attack

Related: Cloud Company Blackbaud Pays Ransomware Operators to Avoid Data Leak

Related: Netherlands University Pays $240,000 After Targeted Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...