Ransomware gang demands $400K from Massachusetts school district

Ransomware gang Medusa over the weekend claimed responsibility for last week’s cyber attack against Fall River Public Schools in Bristol County, Massachusetts.

The school district says it’s investigating the attack that disrupted schools’ phone and testing systems, according to a pop-up alert on the the FRPS home page. It says officials have no indication that personal information was accessed, but the investigation is still ongoing.

Medusa claimed responsibility for the attack on April 12, 2025. It demanded FRPS pay $400,000 in ransom by April 18, 2025. To prove its claim, Medusa posted images of what it says are samples of documents stolen from FRPS.

Fall River Public Schools has not verified Medusa’s claim. We do not know whether the school did/will pay a ransom, what data was compromised, or how attackers breached the district’s network. Comparitech contacted FRPS for comment and will update this article if it replies.

Who is Medusa?

Medusa is a ransomware gang that first surfaced in September 2019. It debuted its leak site in February 2023, where it publishes stolen data of victims who don’t pay ransoms. Medusa often uses a double-extortion approach in which victims are forced to pay both to decrypt their systems and for not selling or publishing stolen data.

In 2025 so far, Medusa claimed responsibility 10 confirmed ransomware attacks and made 69 unconfirmed claims that have not been acknowledged by the targeted organizations. Many of those attacks targeted schools. Its attacks on Lee University and Laurens County School District 56 were both confirmed this year.

Medusa has claimed 24 confirmed ransomware attacks on schools and other educational institutions around the world since the group started publicizing its targets. Its average ransom demand is $430,000.

Last week, Medusa claimed that it hacked NASCAR, but NASCAR has not yet acknowledged an attack.

Ransomware attacks on US schools

So far in 2025, Comparitech researchers logged 12 confirmed ransomware attacks on US schools and colleges. Last year, we recorded 75 such attacks, which compromised at least 2.8 million records. The average ransom demand is $815,000.

In addition to Medusa’s attacks on FRPS, Lee University, and Laurens County School District 56, other recent ransomware attacks against US schools include:

• St. Joseph’s College of Maine notified 127,000 people of a December 2023 data breach claimed by Clop ransomware
• Life University suffered a data breach in July 2024 claimed by Metaencryptor
• Hartwick College suffered an attack by Chort in October 2024

Ransomware attacks on schools and other education facilities can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay can face extended downtime, lose data, and put students and faculty at increased risk of fraud.

About Fall River Public Schools

Fall River Public Schools in Bristol County, Massachusetts includes 18 schools in total, including nine elementary schools, six middle schools, and two High schools. It enrolls more than 10,000 students and employs more than 700 teachers, according to external sources.