BROWARD COUNTY, Fla. – Hackers who sought $40 million in ransom from a South Florida school district that refused to pay have now published nearly 26,000 stolen files.
Many of the files, dated from 2012 to March 2021, contain Broward School District accounting and other financial records, which include invoices, purchase orders, and travel and reimbursement forms, the South Florida SunSentinel reported. None of the files reviewed by the newspaper so far contained Social Security numbers.
The international malware group Conti posted the files Monday, the newspaper reported. Last month the hackers posted a transcript of a conversation with an unidentified Broward schools representative which offered to pay $500,000 to retrieve data. The hackers initially demanded $40 million but dropped the price to $10 million.
On March 31, the district announced it had no intention of paying a ransom.
Kathy Kochhe, the district's chief communications officer, said in a statement that officials are analyzing the content of the posted material do determine next steps, and will notify anyone whose personal information was shared.
"Cybersecurity experts are continuing to investigate the incident and enhance measures system-wide,” the statement said.
The district, which is the nation's sixth largest with 271,000 students, has published questions and answers about the breach on its website at browardschools.com. The school district has an annual budget of about $4 billion — a fact the hackers kept returning to as they demanded $40 million, to be paid in cryptocurrency.
The published files includes more 750 employee mileage reports, 36 employee travel reimbursement forms, more than 700 invoices for spring water, more than 1,000 invoices for school construction work, about 400 payments to Broward Sheriff’s Office or local police departments for security, dozens of utility bills and several employee phone lists, the newspaper reported.