Richland-Bean Blossom community school corporation data breach

The Richland-Bean Blossom Community School Corporation (Edgewood Schools) has suffered a data breach, with approximately 42GB of data being posted on the dark web by the BlackSuit ransomware group.

The data, available in a .zip file, is accessible through a dark web site associated with BlackSuit.

An expert resident downloaded the .zip file to a secure environment and confirmed the data's size and potential FERPA violations. The incident was successfully reported to the CERT (Cyber Emergency Response Team) at the CISA (Cybersecurity and Infrastructure Security Agency).

The zip file contains:

• Sensitive information potentially violating FERPA (Family Educational Rights and Privacy Act)
• Equivalent to 22 million pages of plain text

No details about personal data leaked or number of impacted individuals are disclosed.

RBB's technology director, acknowledged the district's awareness of the data posted on the BlackSuit website. However, for detailed inquiries, he deferred to district superintendent, who has not commented.

For the RBB schools, BlackSuit provided background information about the district and a link to the data file but did not indicate if a ransom was demanded or refused.