Data Security

Malware Hits Strike Districts in 5 States

• By Dian Schaffhauser
• 10/28/19

Even as at least one school in San Bernardino City Unified District dealt with unexpected closure owing to public safety power shutoffs stemming from dry weather and winds in the region, the school system has also been hit by a ransomware attack that made its computer servers inaccessible. In a memo to the district's community, Safety/Emergency Manager Eric Vetere insisted that personal data for students "has not been compromised." The California district said it was working with law enforcement and "a third-party expert" to restore network operations. However, it chose not to "disclose the ransom demands" or what its response would be to those demands.

Families with students in Calhoun County Public Schools were informed by an automated phone message that their personal information may have been compromised, according to coverage by Fitsnews, and that they should "take precautions." The message declined to specify what kind of precautions to follow, and the South Carolina district has released no public information about the break-in. Fitsnews referred to the incident as "ransomware."

Cherry Hill Public Schools in New Jersey suffered an outage beginning at the start of October, which took its network down and prevented some employees from using the district email system. According to reporting by the Courier Post, the district has declined to state the reasons for the outage and has brought in "outside experts" to get the network running again.

Wolcott Public Schools in Connecticut brought in a "task force of network specialists" to work alongside its own IT staff in assessing and repairing its network following an unidentified malware break-in leading to a ransomware demand. According to a letter sent out by Superintendent Tony Gasper, the experts found "no evidence of an impact to sensitive student data to date." Gasper told a local reporter that the project of rebuilding the network would cost $10,000, an expense covered by an insurance policy. Based on the advice of local law enforcement, the district declined to pay the ransom.

Students ended up being the hackers who broke into Pennsylvania's Downingtown Area School District. Their quarry: uncovering student addresses for gaining a competitive edge in a non-district-sponsored senior watergun competition. According to a letter posted to the district's website, the attack took advantage of vulnerabilities in Naviance, a website that provides college and career resources. The perpetrators gained teacher-level access to district accounts and from there extracted profile information for the entire student population. From what the district and law enforcement have been able to determine, "no information was altered or manipulated." However, the district promised that "the consequences for these young individuals is likely to be severe." And district staff were required to change their master credentials.