Dark Overlord hacks schools across U.S., texts threats against kids to parents

Schools in Iowa, Montana, Texas and Alabama were hacked, and threats of violence against kids were texted to parents.

Dark Overlord hacks schools across U.S., texts threats against kids
Thinkstock

Bad weather, natural disasters and the like can result in school closings, but some districts do shut school doors for other “credible” threats. Last year, creepy clowns caused panic and school lockdowns, but this year it is hackers threatening kids that has resulted in school closings across several states.

The hacking group responsible is the Dark Overlord, the group that leaked new Orange Is the New Black episodes because Netflix didn’t pay a ransom. The same group tried to sell millions of pilfered healthcare records and was responsible for other attacks such as on Gorilla Glue and an Indiana cancer service agency. Now, it is targeting schools and scaring the snot out of parents by sending personalized text messages threatening their kids.

Iowa

On Oct. 2, the Dark Overlord hacked Johnston Community School District in Iowa and used the pilfered student data to send out threatening text messages to their parents. In response, the district district closed schools for one day and delayed classes by two hours on Oct. 4.

Some of the text messages were shared with the media. One read: “Your child is still so innocent. Don’t have anyone look outside.” When the parent told them to stop, the response was, “I’m only getting started.”

Another threat read, “I’m going to kill some kids at your son’s high school.”

Also on Oct. 4, the Dark Overlord publicly claimed responsibility, tweeting:

The next day, the Dark Overlord dumped the stolen data on Pastebin. The now-deleted post included “student names, addresses and telephone numbers.” The better to help child predators, they claimed.

Why attack schools and threaten kids? “We’re escalating the intensity of our strategy in response to the FBI’s persistence in persuading clients away from us,” a hacker from the group told The Daily Beast.

Iowa is just one in a worrisome string of school hacks that resulted in threats of violence to children attending those school.

Montana

In September, the Columbia Falls School district in Montana closed more than 30 schools for three days after the Dark Overlord stole data from the district server. Police called the hacker a “cyber terrorist.”

By Sept. 13 and 14, parents were receiving “extremely graphic threats via text messages.” After a reporter asked why the Dark Overlord targeted Flathead Valley, the hacking group replied, “I wanted the public to exist in a state of fear before I make my move. This will allow the government protecting your children to look poorly in the light of the public. … The quaint, small, backwoods region of the US like yours is prime hunting grounds. This incident is the last thing you will expect to happen here.”

The school district received a seven-page ransom letter (pdf) demanding $150,000 in bitcoins on Sept. 18. Two of the three payment options offered “significant” discounts if the associated demand was met.

Texas

Also in September, Splendora School District in Texas was hacked and students’ personal information was compromised. Although the school district did not release any potential ransom demand it had received on Sept. 27, it did put out a statement on Sept. 29:

“We continue to receive threats from the group/individual responsible for hacking our network. They have threatened a tiered escalation which could include direct messages to parents, students and staff. We do not know the exact information that they have, but it could contain specific names and confidential information, such as phone numbers and addresses. In previous cases, these messages have been via text and/or email, and have been violent and graphic. The point of this is to incite fear and panic for parents.”

Parents were told not to engage the hackers and to send a copy of any threatening text or email to the police. The school district did not name the Dark Overlord in the statement, but after school officials contacted the Montana school district that was attacked, Columbia Falls Superintendent Steve Bradshaw said, “They believe the case is similar.”

HackRead reported that, like in Iowa, the details of the Texas and Montana school hacks were published on Pastebin.

Alabama

Crenshaw County Schools in Alabama shut down for two days last week, on Oct. 3 and Oct. 4 after the FBI notified the school about a “threatening social media post.” It seems unlikely to be related, as there was no mention of parents receiving threatening text messages or of The Dark Overlord, but an article from the hack in Montana suggested it was a similar incident.

If a person threatens you, that’s one thing. But if a person threatens your kids, that’s an entirely different matter. Schools had better get on it and batten down the security hatches because there is no excuse for their lax security. There may be limited money in the budget for security solutions, but they can at least keep devices patched. If the threat of being hit with ransomware doesn’t prod school districts to clean up their sloppy security, let’s hope protecting kids and their parents from threats will.

SUBSCRIBE! Get the best of CSO delivered to your email inbox.