Mastery Schools Data Breach Exposes Personal Information of Over 37,000 Individuals
Mastery Schools, the largest charter school network in Philadelphia, has confirmed a ransomware attack that has compromised the personal data of 37,031 individuals. The breach, which occurred in September 2024, has resulted in the exposure of sensitive information, including Social Security numbers, medical details, and academic records.
The incident was detected on September 15, 2024, when unauthorized actors encrypted the school’s systems, disrupting essential operational functions, such as phone and email communications. In response, Mastery Schools began issuing official notifications to those affected over the weekend. While the ransomware group DragonForce has claimed responsibility, asserting they stole 171 GB of data from the institution and listed Mastery Schools on their leak site, the school has yet to confirm the full extent of the attackers’ claims or the method of their intrusion.
In their notification, Mastery Schools acknowledged that unauthorized actors had downloaded data, although they stated there is no current evidence linking the breach to identity theft or fraud. This incident highlights ongoing threats to educational institutions, which are increasingly becoming targets of cybercriminals. The compromised data reportedly includes a range of sensitive information, such as names, dates of birth, Social Security numbers, and financial data.
To assist those affected, Mastery is providing complimentary identity protection services through Experian’s IdentityWorks, with enrollment available until August 31, 2025. CEO Dr. Joel Boyd emphasized that the organization is enhancing its security measures by implementing multi-factor authentication and further refining endpoint monitoring. Additionally, Mastery has engaged external cybersecurity experts and is collaborating with federal law enforcement to comprehensively investigate the breach and mitigate future risks.
This incident underscores a concerning trend in the education sector, which has witnessed a dramatic increase in cyber threats. According to Comparitech, there were 79 ransomware attacks on U.S. schools and colleges in 2024 alone, affecting nearly 2.9 million records. These attacks can lead to significant operational disruptions, impacting testing schedules, payroll processing, and system availability.
Mastery Schools operates 23 campuses across Philadelphia and Camden, serving approximately 14,000 students in its network of elementary, middle, and high schools. The ongoing threat landscape reveals that educational institutions must remain vigilant. As observed in this incident, tactics such as initial access and privilege escalation from the MITRE ATT&CK framework seem to be relevant, highlighting the techniques employed by adversaries in infiltrating systems and exfiltrating sensitive information.
In conclusion, this breach serves as a stark reminder for all organizations, particularly those in the education sector, to enhance their cybersecurity protocols and remain alert to the ever-evolving landscape of cyber threats.
