Loyola College

Summary

Loyola College, a Catholic school in Watsonia, Victoria, suffered a significant ransomware attack in late August 2025 when the Interlock ransomware group claimed responsibility on 29 August 2025. The attackers exfiltrated 591 gigabytes of data comprising over 430,000 files and published the full dataset on the darknet, including passports of current and past employees, detailed financial records, tax details, and court orders. The breach affected 1,656 individuals including students and staff.

What Happened

In late August 2025, Loyola College was targeted by the Interlock ransomware group, which publicly claimed responsibility on 29 August 2025. Interlock exfiltrated 591 gigabytes of data consisting of more than 430,000 files organised in over 35,000 folders. The ransomware group published the complete dataset on the darknet in several file groups. The stolen data included highly sensitive information such as passports of current and former employees, detailed financial records, tax details, and court orders. Interlock, which first emerged in September 2024, identified Loyola College as its first Australian victim.

Impact on Individuals

The breach affected 1,656 individuals associated with Loyola College: 1,446 enrolled students, 131 teaching staff members, and 79 non-teaching staff members. The exposure of employee passports, financial records, tax details, and court orders created significant risks for identity theft and fraud. The publication of such sensitive information on the darknet raised particular concerns for the school community's privacy and security.

Organisational Response

Loyola College confirmed the cyber incident and immediately reset all staff, student, and parent passwords as a security precaution. The Catholic college engaged external cybersecurity experts to investigate the extent of the breach and determine the full scope of compromised information. The school communicated with its community about the incident and took steps to secure its systems.