Cyber Incident Victim: Staring College

On or around February 23, 2021, Staring College, a secondary school with locations in Lochem and Borculo, Netherlands, detected a cyber attack that resulted in the encryption of a significant volume of institutional data. The attack rendered critical files inaccessible, directly threatening the school’s operational continuity. Administrative systems were compromised, though specific technical details regarding infection vectors or malware variants were not disclosed publicly. By February 26, the school’s leadership confirmed they had paid a ransom to the attackers to regain access to their systems. Board member Carlien Krist-Spit stated this decision was driven by the urgent need to minimize disruption to education and safeguard upcoming examinations. The incident forced an immediate suspension of normal IT operations, with recovery efforts commencing after payment. No initial evidence suggested student or staff data exfiltration, though the encryption’s scope indicated broad system impact.

The attack endangered the school’s ability to deliver curriculum materials and administer assessments, creating acute operational risks during the academic term. Krist-Spit emphasized that payment was deemed necessary to prevent prolonged educational paralysis, prioritizing student welfare and institutional functionality. Post-incident, the school focused on restoring encrypted systems using decryption tools presumably provided by the threat actors following payment. Public reporting did not specify whether law enforcement was involved or if backups were unavailable to mitigate the need for ransom payment. The college’s transparency about the payment decision reflected the severity of the disruption, though technical remediation steps and long-term security improvements were not detailed in available sources. Financial losses from the ransom itself and recovery costs remained undisclosed.