Last year, authorities in the UK and France also issued alerts for the PYSA ransomware, following attacks on government and other types of organizations.

According to the FBI, PYSA attacks have been launched by “unidentified cyber actors” against higher education, K-12 schools and seminaries in a dozen U.S. states, as well as the U.K.

The threat actors behind PYSA attacks are known to encrypt data on compromised systems, but they also steal information from victims and threaten to leak it in an effort to increase their chances of getting paid.