- You can still buy a 4-pack of Apple AirTags for 20% off at these retailers
- Roku clarifies that it's not rolling out new pause ads after all
- I tested the best AR and MR galsses: Here's how the Meta Ray-Bans stack up
- ServiceNow launches AI agent command center, communication backbone
- T-Mobile's data breach settlement payments finally rolling out this month - after April delay
Texas School District Notifies Over 47,000 People of Major Data Breach
A data breach affecting Alvin Independent School District (AISD) in Texas has compromised sensitive personal information belonging to 47,606 individuals.
The district confirmed the breach, which occurred in June 2024, and began notifying impacted people over the weekend.
Exposed information includes names, Social Security numbers, state-issued IDs, credit and debit card details, financial account numbers, medical data and health insurance information.
The incident was reported by the Texas attorney general on May 2 2025.
The ransomware gang Fog took credit for the attack in July 2024, asserting it stole 60 GB of data from AISD. The group published the district’s name on its data leak site – a common tactic used to pressure victims into paying a ransom.
AISD has not confirmed the group’s claim nor disclosed whether a ransom was paid.
Infosecurity has contacted Alvin Independent School District to comment on this but has not received a response at the time of writing.
Fog began posting about its attacks in July 2024, and Alvin ISD was among the first listed victims, alongside West Allis-West Milwaukee School District and Asbury Theological Seminary.
Since then, Fog has claimed responsibility for 20 confirmed ransomware attacks – 12 of them on educational institutions – and an additional 157 unconfirmed incidents, with activity appearing to cease in April 2025.
The gang is known for encrypting files and stealing data, frequently targeting development environments. While many of Fog’s victims are in the education sector, the group’s reach extends beyond schools.
The AISD breach is part of a broader trend of attacks targeting the education sector.
In 2024, Comparitech recently documented 79 ransomware attacks on US educational institutions, affecting over 2.8 million records. The average ransom demand was $827,000.
Other recent school-related ransomware incidents include:
- Medusa’s $400,000 demand from Fall River Public Schools in April 2025
- Qilin’s attack on Western New Mexico University that same month
- Medusa’s breach of Albion College, impacting 6,930 people
- Southern Arkansas University Tech’s October 2024 breach by RansomHub
- An unclaimed attack on Hacienda La Puente Unified School District
So far in 2025, there have been 15 confirmed and 36 unconfirmed ransomware incidents affecting US schools.
