Vice Society Claims Ransomware Attack Against Cincinnati State College

An FAQ page on the college’s website has information on how to safely apply to the school or enroll in courses until all systems are restored.

Cincinnati, Ohio — The ransomware group Vice Society has claimed responsibility for a cyberattack on the Cincinnati State Technical and Community College.

The hackers have published on their leak site a list of documents they claim were stolen from the college after it refused to pay a ransom, CyberSecure reports. The documents containing personal data date back to November 24, 2022, suggesting the attackers still have access to the compromised systems.

Earlier this month, the school informed its 10,000 students and 1,000 staff that it had suffered a cybersecurity attack, warning that it would take time for online services and normal operations to be restored. On Tuesday, officials said the school had restored campus networks and email, partial Internet access and classroom computers. Voicemail, network printing, VPN access, shared network and intranet drives are not available. Some online applications and registration portals are also offline.

After the attack, the college released FAQs for current and new students and staff to help them how to interact with administration until systems return to normal. It includes information on how to register for classes, how to apply to the school, and how to pay tuition.

A recent Microsoft report warned that the Vice Society is heavily targeting the education sector, preying on organizations with weak security controls and a higher likelihood of compromise and ransom payments. The report found that the group used several families of ransomware in attacks on K-12 schools and colleges and universities, including BlackCat, QuantumLocker, Zeppelin, RedAlert, and HelloKitty.

In September, the FBI and the Federal Cybersecurity and Infrastructure Security Agency (CISA) also warned about the Vice Society’s focus on schools and universities. The day before, the group attacked the Los Angeles Unified School District (LAUSD), the second largest district in the United States. The day after the superintendent said he would not negotiate or pay a ransom, the hackers leaked stolen data.

The data release came two days before the deadline set by the Vice Society, which originally targeted the district over Labor Day weekend and claimed to have stolen 500 gigabytes of data.