The hacker, who goes by the name Sp1d3r, claimed to have stolen personal information from two large US universities, affecting over 4 million students. Here we are discussing Edgenuity, an online school, and a public school in Los Alamos.
From elementary school through high school and beyond, the cybercriminal got their hands on a plethora of personal data, including names, addresses, medical records, login credentials, grades, disciplinary records, and more.
The scammer has already warned the heads of the affected educational institutions that the information will be made publicly available unless they comply with their demands.
Payment of 30 bitcoins, or approximately $2 million, is due by June 25 to prevent the hacker from releasing the students’ personal information.
A comparable incident happened with the data of over 30 million Santander Group bank customers from Uruguay, Chile, and Spain. In exchange for returning the stolen sensitive data, the hacker also wanted 30 bitcoins.
The UNC5537 hacker group is committing the identity theft, say cybersecurity experts. The members of this group are likely young adults (between the ages of 19 and 22) from the United States and the United Kingdom.