The Rhysida ransomware group claims to have compromised Yokosuka Gakuin, a private co-educational institution located in Yokosuka, Kanagawa Prefecture, Japan. Established in 1950, the school operates elementary, junior high, and high school levels based on Christian founding principles. The threat actors have listed the school on their data leak site, demanding 6 BTC for the “exclusive” purchase of the exfiltrated data, with a seven-day deadline before the potential publication or sale of the information.
According to the samples provided by the actor, the allegedly compromised data includes:
-
Passport scans and identification documents
-
Life insurance deduction forms containing financial details
-
Handwritten application forms with personal contact information
-
Budget calculation requests and internal financial documents
-
Staff or faculty lists with names and addresses
-
Administrative records and receipts
