Mastery Schools over the weekend confirmed it notified 37,031 people of a September 2024 data breach that compromised the following personal info:
- Names
- Dates of birth
- Social Security numbers
- Taxpayer ID numbers
- Government-issued IDs
- Passport numbers
- Bank/financial info
- Credit and debit card info
- Biometrics
- Usernames
- Passwords
- Medical info
- Health insurance info
- Student ID numbers
- Student records
Philadelphia’s biggest charter school network reported at the time that an IT outage crippled its phone lines and email access.
Ransomware gang DragonForce took credit for the attack. It claims to have stolen 171 GB of data from Mastery Schools.
Mastery Schools has not verified DragonForce’s claim. We do not know if Mastery Schools paid a ransom, how much DragonForce demanded, or how attackers breached Mastery Schools’ network. Comparitech contacted Mastery Schools for comment and will update this article if it replies.
“As you may already be aware, on September 15, 2024, Mastery Schools detected malicious encryption that affected some of our systems, which we attribute to an unauthorized actor,” says Mastery Schools’ notice to victims. “Our investigation determined that an unauthorized actor downloaded some of our data, which may have included your information.”
Mastery Schools is offering eligible victims free identity theft protection through Experian. The deadline to enroll is August 31, 2025.
Who is DragonForce?
DragonForce is a ransomware gang that first started posting targets to its leak site in December 2023. It operates a ransomware-as-a-service business in which customers pay to use DragonForce’s malware and infrastructure to launch attacks and collect ransoms. DragonForce often extorts victims both for a decryption key to unlock infected systems, and for not selling or publicly releasing stolen data.
DragonForce has taken credit for 32 confirmed ransomware attacks in total, plus 139 unconfirmed claims that haven’t been acknowledged by the targeted organizations. Seven of those confirmed attacks occurred in 2025, including high-profile breaches of UK retail chains Marks & Spencer, Co-op, and Harrods.
DragonForce’s attack on Mastery Schools marks the second time it’s attacked a school, the other being St. Cecilia’s Church of England School in the UK. DragonForce stole data and caused IT downtime in that attack as well.
Other recent DragonForce targets include the city of Grove, OK and GeoLogics Corporation. The latter issued data breach notices to 12,000 people after a December 2023 attack.
Ransomware attacks on US education
Comparitech researchers logged 79 confirmed ransomware attacks against US schools, colleges, and other educational institutions in 2024, compromising nearly 2.9 million records.
Other recent such attacks include:
- Alvin Independent School District (TX) notified 47,000 people of a June 2024 data breach claimed by Fog
- Coweta County School System (GA) reported a May 2025 attack claimed by Nitrogen
- Bartlesville Public Schools (OK) says a May 2025 ransomware attack forced schools to postpone state testing
- Botetourt County Public Schools (VA) was given until June 12, 2025 to pay a ransom to Qilin
- Flemington-Raritan School District (NJ) reported a May 2025 ransomware attack by unknown attackers
Ransomware attacks on schools and colleges can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, assignments, and more. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay a ransom face extended downtime, data loss, and putting students and faculty at increased risk of fraud.
About Mastery Schools
Mastery Schools is the largest charter school network in Philadelphia, PA. It enrolls 14,000 students at 23 schools in Philadelphia and Camden, NJ. They include 14 elementary schools, two imddle schools, and seven high schools.
Source link
-
-
-
-
-
-
-
-
