Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A Catholic college resets all staff, student, and parent passwords as the Interlock ransomware gang posts almost 600 gigabytes of stolen data to the dark web, including passports and financial records.
A Catholic college in the Victorian suburb of Watsonia has confirmed that it is actively investigating a cyber incident after the Interlock ransomware gang listed the school as a victim on its darknet leak site.
“We are currently managing a cyber security incident after our information technology system was compromised by an unauthorised third party. As a result, we have engaged cyber security experts to urgently investigate the extent of personal information that has been accessed,” principal Alison Leutchford told members of the Loyola College community in an incident notice dated 30 August.
“With the support of the school’s IT vendors and the Melbourne Archdiocese Catholic Schools (MACS), additional safeguards have already been put in place to protect our college against future attacks of this and other types.”
The college has reset the passwords of all staff, students, and parents, with staff receiving further instructions today, and more instructions for parents being shared shortly.
“We unreservedly apologise for this inconvenience and appreciate your understanding as we continue to respond to this incident,” Leutchford said.
“We will keep you informed on the progress of our investigation.”
The letter from the principal was circulated a day after the Interlock ransomware operation claimed responsibility for the attack.
“Loyola College is a large educational institution with thousands of students! Hundreds of employees!” the hackers said in a 29 August leak post.
“This college is very poorly protected in our reality, and therefore data was compromised! The full history and database of all students and all their private information were freely available! Also, a large number of financial, legal and other documents!”
Interlock claims to have exfiltrated 591 gigabytes of data consisting of more than 430,000 files in over 35,000 folders. The data has been published in full on the darknet in several file groups. In addition, Interlock published several sample documents, which include passports of current and past employees, detailed financial records, tax details, and court orders.
Interlock first emerged as a threat in September 2024 and has claimed attacks on 67 victims since then, with Loyola College its first Australian victim. According to the US FBI, Interlock is largely opportunistic in its targeting and entirely financially motivated. The group takes advantage of double extortion techniques to pressure its victims, and it is known to gain initial access via drive-by downloads from legitimate but compromised websites, an unusual tactic for ransomware actors.
The group describes itself as “a relentless collective that exposes the recklessness of companies failing to protect their most critical assets: customer data and intellectual property.”
Loyola College has a student body of approximately 1,360 across year 7 and year 12.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
