Stride Learning Company, a for-profit education company that provides online and blended learning programs for students from kindergarten through adulthood, has allegedly been compromised by the threat actor ShadowByt3$. The incident is reportedly part of a broader mass-scanning campaign called “Operation Cloud,” which targets large companies for misconfigurations. The attacker is demanding a $500,000 ransom in exchange for proof of data deletion.
According to the actor, the allegedly compromised data includes:
-
Corporate Intelligence & Reconnaissance, which exposes Developer Metadata (.DS_Store files), internal Infrastructure Naming Maps, and Supply Chain Intel confirming integration with Pearson.
-
Technical Secrets & Logic files, consisting of Hardcoded Logic (user.js & data.js), Configuration Metadata (JSON files) leaking API endpoints, and Project “Skeleton” XML files.
-
Stolen Intellectual Property, encompassing Teacher Answer Keys, Proprietary Curriculum PDFs, and Interactive Source Code for teaching modules.
-
Media & Branding Assets, including branded graphics, training videos, and Phishing Kits designed to mimic Stride Learning or Pearson login portals.
-
The threat actor claims that no student or teacher information was compromised during the incident, and that the stolen files consist entirely of corporate assets and intellectual property.
Daily Dark WebRead More
T1
