Ransomware victim disclosure
← All victimsPalatine School
listed as Official Statement: Protecting palatineschool.org Infrastructure · Claimed by Stormous · listed 5 days ago
Status timeline
- ListedJun 28, 2026
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profilePalatine School is an educational institution serving children, including those with special needs. The school operates a networked IT infrastructure that includes centralized student and staff record systems.
- Industry
- Special Needs Education
Attack summary
Severity: high — Confirmed access to regulated PII at scale (student and staff records at an educational institution serving minors), including NHS identifiers. No exfiltration or encryption is claimed, but the presence of accessible sensitive child and healthcare-linked data represents significant risk. The group's stated ethical code does not reduce the severity of the vulnerability exposure or past unauthorized access.Stormous claims to have discovered critical vulnerabilities granting full access to the school's central server (PALDC2020), including student databases and staff personnel records. The group states it has not exfiltrated or encrypted data, but is offering to disclose vulnerability details privately to the school as a self-described 'security audit.'
Data the group says was taken
AI dossier — extracted from the leak post- Student databases (NHS identifiers noted)
- Pupil administrative records
- Staff personnel records
What the group claims
During our routine network security audits, our team discovered critical structural vulnerabilities within Palatine School, which granted us full, unrestricted access to their central server (PALDC2020). We had the technical capacity to access every directory, including pupil databases ( StudentData NHS NO ) , Pupil Admin - Users -FocusIT) and staff records Personnel.We want to announce that we have locked down this operation and decided to leak absolutely nothing.This is an institution dedicated to children and special needs education. Unlike corporate thieves or ruthless threat actors, we operate with a strict code of ethics: we do not target children, schools, or healthcare facilities.Instead of destroying them, we have chosen to act as an uninvited security audit. We are using our platform to publicly invite the administration of Palatine School to contact us privately. We will provide them with the full technical details of the critical vulnerabilities we discovered and guide them on how to patch their system for free, ensuring they are protected from other ruthless cyber criminals.
Source
Indexed 5 days agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

