Security & Fraud

School District Pays Hackers $10K In Bitcoin To Recover Data


After hackers stole data from the computer system of a Massachusetts school system, they offered to return the information in return for a $10,000 bitcoin payment. The Superintendent of Leominster Public Schools, Paula Deacon, was surprised to learn of the extortion demand and contacted police, ABC News reported.

“I told her what I knew: There are three ways to deal with cybersecurity,” Leominster Interim Police Chief Michael Goldman told ABC News. “One, don’t get hacked by being properly protected. If you do get hacked, restore with uninfected backups.”

That wasn’t an option for the district, which didn’t have a clean offsite backup. The district also didn’t have sufficient systems to counter the WannaCry attack, which occurred in April.

“This happened, and the school system was not locked down as they should have been,” Goldman told ABC News. “There are a lot of systems that have been subjected to this.”

As a result, the district paid the $10,000 in bitcoin. But it’s hardly alone, as approximately 300,000 computer systems in more than 150 countries were compromised by the WannaCry cyberattack last May. The ransomware attack affected a range of players, including delivery services like FedEx, automakers including Renault and Nissan, transportation operations such as Germany’s Deutsche Bahn and even medical systems such as the U.K.’s National Health Service.

As of last May, more than $80,000 in bitcoin payments have been made so users could access their files again. However, by some accounts, the losses suffered as a result of the attack could cost affected parties hundreds of millions of dollars in outages, lost revenue and productivity.

WannaCry is just the latest and most visible of a growing trend: computers held hostage by those looking to get paid for freeing them. Why did that become a trend? Bitcoin.

Before bitcoin, getting paid for holding people’s data and computers hostage faced a lot of frictions, and the threats, therefore, were considered more of a nuisance than anything else. Bitcoin, however, made it easy for criminals to make a big digital leap.



The PYMNTS Cross-Border Merchant Friction Index analyzes the key friction points experienced by consumers browsing, shopping and paying for purchases on international eCommerce sites. PYMNTS examined the checkout processes of 266 B2B and B2C eCommerce sites across 12 industries and operating from locations across Europe and the United States to provide a comprehensive overview of their checkout offerings.