Hackers publish school district's student data after threatening to 'kill some kids'

District canceled classes for a day in response…

Text messages

Hackers published the student directory of an Iowa school district online after they threatened to "kill some kids" at local schools.

The trouble began on the evening of 2 October when parents living within the boundaries of Johnston Community School District received some troubling text messages from an unknown number. One chain of messages talked about the innocence of the recipient's 4-year-old son and then urged them to not have anyone look outside. The message ended with an ominous warning: "I'm only getting started."

Other messages were much more overtly violent in nature, with some threatening harm against local school kids.

Not surprisingly, many parents called the police. Local law enforcement received dozens of reports along those same lines that night. Not wanting to risk the safety of her students, Johnston Schools Superintendent Corey Lunn decided to close all schools the following day.

Lunn told The Des Moines Register that it was a difficult call to make:

"This is a tough decision. It's not something that we take lightly, but at the end of the day it's our first priority to keep students and staff safe, and I believe we did that today."

Investigators soon thereafter determined that the threats weren't linked to any credible danger. But that didn't matter to the hackers. Satisfied with sowing fear among parents and students, a familiar face claimed responsibility for the attacks when schools reopened on 4 October.

The Dark Overlord...of course. It's a hacker group with a reputation for leaking sensitive data online, holding information for ransom, and (more recently) targeting schools with threats of violence.

Unfortunately, the miscreants didn't stop there. The next day, contemptible criminals published a Johnston Community's full student directory replete with student names, addresses, and telephone numbers. Why? To add insult to injury.

They also made public a series of calls and text messages they'd received from concerned parents and students following their Monday night high jinks. Most contained very strong language. Some even had some threats of their own.

And why should they have not? In threatening innocent school children, the Dark Overlords revealed themselves to be some of the most disgusting people on the face of this planet. Those jollies that they wrongly get from hacking unsecured school networks don't excuse their behavior, not to mention the danger they might pose.

Speaking candidly, I would love nothing more than to see them, in the words of one worried parent, end up "in a hole" as a result of a foolish mistake. And sooner rather than later.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

, , ,

4 Responses

  1. AMB

    October 9, 2017 at 12:55 am #

    Johnston community schools. Not "Johnson." Error in the second paragraph.

  2. Doug Levin

    October 9, 2017 at 1:34 pm #

    They are operating in at least two other U.S. school districts, as well (one in MT and one in TX): https://www.databreaches.net/no-holds-barred-thedarkoverlord-threatens-students-with-physical-violence-to-send-fbi-a-message-to-back-off/. And, are threatening to release even more sensitive and damaging information: https://www.pogowasright.org/a-privacy-nightmare-may-be-looming/.

    Indeed, as schools are moving more of their data and operations online, the vulnerabilities are growing (https://www.edtechstrategies.com/k-12-cyber-incident-map/), but the DO attacks are…extreme.

  3. furriephillips

    October 10, 2017 at 2:21 pm #

    I wonder; if the leaked information (and their statement regarding sex crimes), leads to or actually triggers said crimes, is there a case for https://en.wikipedia.org/wiki/Accessory_(legal_term) to the crimes or https://en.wikipedia.org/wiki/Aiding_and_abetting the criminal(s) and if the hackers' identities are uncovered & released to the public, how fast they will be able to run, from grief–stricken parents? Fill in your own meme text https://imgflip.com/s/meme/Liam-Neeson-Taken-2.jpg

Leave a Reply