Data Security

Districts Hit with Malware over Winter Break

• By Dian Schaffhauser
• 01/09/20

Schools districts in both Washington state and Michigan suffered malware attacks during the winter break.

The Issaquah School District discovered its problem on Sunday, Dec. 22 and immediately turned off websites, email and other programs that were hosted in the district's own data center. Those services run from off-site (Skyward and MySchoolBucks.com) were not affected, according to local reporting. About a week later "most" of the programs had been restored.

"IT has been working around the clock to assess and restore system functionality carefully and methodically," the district stated on its website on Jan. 4. "Internet and email have been restored for the most part, although we do expect some systems to remain offline for a few weeks into the new year." As of Jan. 7, however, the district was still preventing personal computing devices from connecting to the network.

In Michigan, Richmond Community Schools was hit specifically with ransomware on Dec. 27. On its Facebook page, the district said that several servers had been hit, affecting "critical operating systems in the district, including but not limited to heating, telephones, copiers, and classroom technology."

According local reporting, hackers demanded payment of $10,000 in bitcoin and the school was forced to extend it holiday break for an additional two days, as administrators dealt with a "building problem" tied to the attack.

The school chose not to pay the ransom and told local media that it had reported the break-in to state and federal law enforcement. It also assured the community that "no student or staff information has been compromised."