Conti ransomware gang demanded $40m from US school district

Broward County Schools district in Fort Lauderdale, FL was attacked by the infamous Conti ransomware group last month.

In a series of ransomware attacks on educational institutions that have been going on for the past few weeks, this time around, Broward County Public Schools in Florida were attacked with a ransomware demand of $40 million.

The Conti ransomware gang threatened to encrypt and erase the files containing the personal data of students and employees and post the details online. 

The screenshot shows links to complete chat between the Conti ransomware gang and representatives from Broward County Public Schools (Image source:

However, the Broward County Public Schools itself released a statement where they claimed that no personal information has been stolen and that it made no extortion payment to the ransomware group, which then retaliated with an apparent pressure tactic last week and posted screenshots of its online negotiations with the district to its site on the dark web

Broward County Public Schools, the nation’s sixth-largest school district receives an annual budget of around $40 million and they informed the parents of their students about a network outage on March 7 that negatively impacted online teaching, but based on this new information, the incident was clearly much more serious. 

(Image source:

The school district then hired cybersecurity experts to “investigate the incident and remediate affected systems. Efforts to restore all systems are underway and progressing well. We have no intention of paying a ransom.”

After a series of back and forth negotiations, they offered to pay $500,000 at which point the ransomware criminals seemingly ended negotiations, according to the screenshots posted by the hackers.

The information that they threatened to release also included social security numbers of students, teachers, and employees, addresses, dates of birth, and school district financial contact information. Although they initially demanded $40 million, after several negotiations, they decreased the ransom to $10 million. 

(Image source:

This attack is just one case in a series of attacks that have hit educational institutions in the past two weeks. Just last week reported how the Clop ransomware gang attacked six universities in the United States including the University of Maryland and the University of California.

Jamie Hart, cyber threat intelligence analyst at Digital Shadows noted that these attacks were conducted by the Clop gang and were targeted as part of the Accellion FTA breach. The reason why cybercriminals have started preying on educational institutions is that the rapid shift to online learning and teachers/professors working from home. 

Did you enjoy reading this article? Do like our page on Facebook and follow us on Twitter.

Related Posts