Cyber Incident Victim: Booneville School District

On June 30, 2021, Booneville School District was publicly listed on a threat actor’s leak site as part of an alleged cyberattack. The group known as Grief claimed responsibility for the incident, initially adding Booneville to their disclosure platform before subsequently expanding the data dump with additional files. The attackers’ listing contained ambiguous references to "garbage school district data" and questioned whether "6 companies" mentioned in their post corresponded to schools within the K-12 district. Forensic examination of the leaked material revealed four folders containing student-related information, though the threat actors characterized much of the exfiltrated data as low-value or "garbage." The breach occurred alongside a contemporaneous attack on Lancaster School District, though the article did not specify whether the incidents were technically connected or merely coordinated through the same leak site.

The compromised data from Booneville School District primarily involved student records, though the exact scope and sensitivity of these records were not detailed beyond their categorical description. Grief’s publication of the data followed their standard operational pattern of incremental leaks, suggesting possible attempts to pressure the district through gradual exposure. No public statements from Booneville School District regarding incident response, containment measures, or forensic investigations were referenced in the reporting. The article noted that additional reports on related attacks were forthcoming, implying broader targeting of educational institutions by the threat actors during this period. DataBreaches.net analysts Dissent and Chum1ng0 documented the incident but did not report observable remediation efforts or third-party interventions at the time of publication.