UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 1

UPDATE – 08.10.2023 at 3:30PM

We have received a response from the Medusa ransomware group regarding the amount of data stolen during the cyberattack on Emerson Public School District IT systems.

Medusa let us know that the amount of documents in their hands is 2TB, they also confirmed the ransom price is $100,000. Another significant file that Medusa has uploaded to her blog, and that anyone can get hold of, is the one relating to the file tree which makes us understand the enormous amount of documents exfiltrated from the servers of the School District, 1.028.490

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 2
Screenshot and redaction by SuspectFile.com

From the list of file names we have seen, we can imagine that some of these could refer to further medical data. The two examples below are from a staff member at Patrick M. Villano Elementary School

Emerson's schools\Emersons_5\!REMOVED STAFF\[REDACTED]\Administrator Files\Personal\[REDACTED] Medical Records from Dr. [REDACTED].pdf

Emerson's schools\Emersons_5\!REMOVED STAFF\[REDACTED]\Administrator Files\Personal\Dental overview [REDACTED].docx


More examples of sensitive document names we found in the file tree

Emerson's schools\Emersons_5\[REDACTED]\ALL STAFF FOUND FILES\!PDFs\Certificate of Insurance Cancer Walk 10-5-19.pdf

Emerson's schools\Emersons_5\[REDACTED]\ALL STAFF FOUND FILES\!PDFs\insurance card.pdf

Emerson's schools\Emersons_5\[REDACTED]\My Documents\My Scans\Insurance Card Front and Back.pdf

Emerson's schools\Emersons_1\staff2\[REDACTED]\My Documents\[REDACTED]\[REDACTED]\SpainANDmore\insurance_card.pdf


Finally we wonder why there are still documents on the School District’s servers dating back to 2000

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\Book4.xls 

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\PERS100.xls 

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\PERS200.xls 

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\PERS300.xls

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\PERS400.xls

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\TPAF100.xls

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\TPAF200.xls

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\TPAF300.xls

Emerson's schools\Emersons_5\!REMOVED STAFF\New_kce\!!!!LO1 Server Files\PENSION\!Previous Years\2000\TPAF400.xls

 



The attacks against American educational institutions do not stop, the latest to have undergone the exfiltration of data from their IT infrastructures is Emerson Public School District in Bergen County, NJ. For the deletion of data exfiltrated from the School District’s servers, the cybercriminals demanded a ransom of $100,000 in bitcoins.

In the 2021-2022 year Emerson Public School District projected a total of 1087 students distributed among the three schools, Memorial Elementary School (364, grade span PK-3) – Patrick M. Villano Elementary School (232, grade span 4-6) – Emerson Junior-Senior High School (461, grade span 7-12), Medusa is the ransomware group responsible for the cyber attack.

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 3
Data provided by the National Center for Education Statistics (NCES) – Screenshot and redaction by SuspectFile.com

Medusa last July had already hit the educational institution St. Landry Parish – Opelousas, LA a School District with 12143 students in the 2021-2022 school year.

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 4

Among the documents exfiltrated and published as proof on the cybercriminal blog we found several sensitive files such as teachers’ pay slips, students’ and teachers’ full names, telephone numbers, complete addresses, administrative documents, email accounts and above all a file with photos of dozens of pupils and their full names as well as a file describing the various allergies from drugs or medical therapies in progress.

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 5
Screenshot and redaction by SuspectFile.com
UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 6
Screenshot and redaction by SuspectFile.com

 

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 7
Screenshot and redaction by SuspectFile.com

As we wrote previously, among the documents published by Medusa there is also the list of Emerson Public School District teachers with full names, full addresses, telephone numbers and their qualifications

UPDATE: New Jersey, Emerson Public School District data in hands of Medusa ransomware group 8
Screenshot and redaction by SuspectFile.com

Prior to the publication of this article, we contacted both the School District and the cybercriminal group but neither would provide a statement on the matter.

SuspectFile.com will update the article in case of new items.