Massive Data Breach Exposes 31,000 in South Carolina Schools
▼ Summary
– A South Carolina school district experienced a data breach potentially affecting over 31,000 individuals, as reported in an August 29 filing to the Maine Attorney General.
– The compromised information includes names, dates of birth, Social Security numbers, financial account details, and state-issued ID information.
– The breach occurred on June 3, 2025, when an unauthorized individual accessed and took files from the district’s network.
– The district is offering affected individuals free credit monitoring services for 12 months and $1 million in identity theft insurance through CyberScout.
– The Interlock ransomware group claimed responsibility for the attack, which has targeted education organizations and local administrations in multiple countries.
A significant cybersecurity incident has impacted a South Carolina school district, potentially compromising the sensitive personal data of more than 31,000 individuals. The breach, which took place earlier this year, underscores the persistent digital threats facing educational institutions and the critical need for robust protective measures.
School District Five of Lexington & Richland Counties officially reported the incident to the Maine Attorney General’s office on August 29. According to the filing, unauthorized access to the district’s network on June 3 may have affected 31,475 people. The compromised data is believed to include a range of highly sensitive details, such as current and former names, dates of birth, Social Security numbers, financial account information, and state-issued identification documents like driver’s licenses and passports.
Superintendent Akil E. Ross Sr. confirmed in a notification letter that the district detected unusual activity within its computer systems on the day of the intrusion. In response, the administration brought in external cybersecurity specialists to investigate the scope of the breach and implement corrective actions. Their findings indicated that an outside actor had successfully extracted certain files from the network.
The district, which serves around 27,000 students across 23 schools and employs nearly 2,450 staff members, faced immediate operational disruptions. Local news outlet WISTV reported on June 5 that employee bonus payments were delayed as a direct result of the cyberattack.
In an effort to mitigate potential harm, the district is offering affected individuals complimentary credit monitoring services for a full year. This includes access to a credit report, credit score, and real-time alerts regarding any changes to their credit files. Additionally, the district has arranged for $1 million in identity theft insurance through CyberScout, a TransUnion subsidiary specializing in fraud resolution. Those eligible have 90 days from the date of their notification letter to enroll in these protective services.
The Interlock ransomware group publicly claimed responsibility for the attack on June 24. This threat actor, which emerged in late 2024, has targeted multiple educational and governmental entities, especially within Five Eyes nations and Italy, often publishing stolen data on its leak site as part of its extortion tactics.
(Source: InfoSecurity Magazine)
