The ROC Mondriaan will reimburse the costs of a new proof of identity for employees and students whose data has been put online by internet criminals. Research has shown that criminals have published identity cards and other personal data, among other things.
Ransomware attackers managed to penetrate the systems of the MBO school community in The Hague at the end of August. Then they demanded four million euros from the school group. Because they did not want to pay, data was put online as a means of pressure. It concerned all kinds of internal documents, including information about teachers and students.
The school group now reports that investigations have shown that it includes a number of valid IDs, dozens of documents with personal information of students such as complaints, suspensions and incidents and personal data of a significant part of the employees and students.
The school did not disclose how many IDs were found. “Only a small part of this is from students,” reports the ROC. The people concerned have been personally informed, Omroep West reports. “We reimburse the costs of a new proof of identity and support them where necessary.”
The school group also does this with people whose identity cards or other privacy-sensitive information will turn up online in the future. According to the ROC, this may concern information from long ago. “We do our utmost to inform everyone personally.” The ROC cannot determine exactly who all the leaked information belongs to. “It concerns such an extensive amount of data that it is not possible for us to get a complete picture of this per individual.”
The risk that hackers will publish even more information is unlikely, according to the ROC. “The experience with ransomware is that if they don’t pay, hackers attack everything at once dark web place and then no more.”
The school group expects that most students and staff will be able to use the school’s systems again after the autumn holidays.