A ransomware attack on OLV Pulhof, a school in Berchem, Belgium, has escalated beyond the typical institutional target, with hackers now demanding payment directly from parents to prevent the release of their children’s personal data. The audacious move reflects a disturbing trend of cybercriminals increasingly targeting schools – and their families – across Europe [[1]]. Authorities are investigating the incident as the school refuses to negotiate with the attackers, leaving parents grappling with a tough and possibly costly decision.
Belgian School Hit by Ransomware, Hackers Demand Payment from Parents
A school in Berchem, Belgium, has been targeted in a ransomware attack, with hackers not only demanding a ransom from the school itself but also directly contacting parents and requesting a payment of €50 per child to prevent the release of their children’s data. The incident highlights the growing threat of cyberattacks targeting educational institutions and the increasingly common tactic of extending demands to families.
According to reports, the school, OLV Pulhof, was compromised by cybercriminals who have demanded funds in exchange for restoring access to the school’s systems and, crucially, for not publishing sensitive information belonging to students. The hackers have reportedly sent letters to parents threatening to release their children’s personal data if the ransom is not paid.
School officials have stated they will not comply with the criminals’ demands. “We are not responding to the demands of criminals,” a school spokesperson said. However, the situation has understandably caused significant concern among parents, who are now faced with the difficult decision of whether to pay the ransom to protect their children’s privacy.
The school has not disclosed the extent of the data breach or the specific types of information that may have been compromised. Cybersecurity experts warn that such attacks are becoming more sophisticated and targeted, with schools often seen as vulnerable targets due to limited cybersecurity resources. This incident underscores the importance of robust data protection measures and incident response plans for educational institutions.
Authorities are investigating the attack, but no arrests have been made. The incident is likely to raise further questions about the security of student data and the need for increased investment in cybersecurity within the education sector. The potential financial and reputational damage to the school, as well as the distress caused to parents and students, could be substantial.
