Data Leak Exposes Personal Information of 31,000 Individuals Within South Carolina School District
School District Suffers Data Breach, Affecting Thousands
The School District Five of Lexington & Richland Counties, South Carolina, announced a data breach on June 24, 2025. This breach is one of the 29 confirmed ransomware attacks on US educational institutions reported by Comparitech in 2025.
The comprehensive educational system, serving approximately 27,000 students and employing a workforce of around 2450 staff members, operates 13 elementary schools, two intermediate schools, three middle schools, four high schools, one technical school, and one alternative school.
The intrusion occurred on the District's computer network, and some files were taken by an external, unauthorized individual. The attack was claimed on June 24 by Interlock, a ransomware group that emerged in late 2024. Interlock is known for targeting education organizations and local administrations, particularly in the US and other Five Eyes countries.
The exposed personal information likely includes current and former names, dates of birth, Social Security numbers, financial account information, and state-issued ID information. Interlock has published victims' data on its data leak site, particularly in some of the Five Eyes countries (Australia, Canada, the UK, and the US) and Italy.
To help affected individuals, the District is offering free Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score. Additionally, $1m in identity theft insurance is provided through CyberScout. Eligible individuals must enroll within 90 days of the date on their notice letter.
In response to the attack, independent cybersecurity experts were engaged to investigate and remediate the network. Unfortunately, the attack has also resulted in delays to bonuses for the District's employees, as reported by local media outlet WISTV.
So far in 2025, Comparitech has recorded a total of 29 confirmed ransomware attacks on US schools, universities, and other educational institutions. Interlock has claimed responsibility for numerous attacks on education organizations and local administrations since its emergence.
The District urges affected individuals to remain vigilant and to report any suspicious activity to the appropriate authorities. They are committed to providing support and resources to help those affected by this data breach.
