Ransomware victim disclosure
← All victimsKIPP DC
Claimed by Worldleaks · listed 10 months ago
Status timeline
- ListedSep 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Worldleaks
- Status
- Data leaked
- Country
- United States
- Sector
- Education
- Listed on leak site
- Sep 23, 2025
About the victim
AI dossier — public-source company profileKIPP DC is a network of 22 tuition-free, college-preparatory public charter schools in Washington, D.C., serving nearly 7,500 students from PreK3 through 12th grade. Founded in 2001 by Susan Schaeffler in a church basement in Southeast D.C., KIPP DC focuses on academic excellence, equity, and preparing students for college and careers. The organization is currently led by CEO Shannon Hodge.
- Industry
- K-12 Public Charter Education
- Address
- Washington, D.C., United States
- Founded
- 2001
Attack summary
Severity: critical — KIPP DC serves nearly 7,500 students including minors from PreK3 through grade 12; a data publication event at a K-12 institution almost certainly involves regulated PII of minors (FERPA-protected student records, family data), which constitutes critical severity under regulated/sensitive data criteria.The worldleaks group claims to have disclosed data belonging to KIPP DC, with the status listed as 'data_published,' indicating exfiltration and publication of data. No specific ransom demand or data size was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Student records (PreK3–12)
- Staff/educator information
- Enrollment data
- Family contact information
- School administrative records
Original description
AI-summarised, not from the leak postKIPP DC is a network of high-performing, tuition-free, college-preparatory public schools in Washington, D.C. With 20 schools educating students from PreK3 to grade 12, KIPP DC aims to provide students with the knowledge, skills, and character strengths required for success in life. They focus on creating a positive and structured learning environment.
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

