- Two large school districts recently faced separate cyberattacks during their spring breaks, causing both to quickly shut down their technology networks.
- Minnesota’s Rochester Public Schools, which has over 17,000 students, ceased use of its network and technology systems after spotting irregular activity on April 6, according to a district statement. The district canceled classes the following Monday so staff could prepare to resume teaching students without major technology systems and to further investigate the cyber incident.
- In Alabama’s Jefferson County Schools, the 36,000-student district fell victim to a ransomware attack that for nearly two weeks has left students and teachers without access to the internet and school technology, with the exception of state test-taking, Superintendent Walter Gonsoulin said in a Tuesday statement.
The spring break cyberattacks echo research that has found schools are more susceptible to ransomware attacks over the weekends and holidays.
Education cybersecurity professionals are the most likely to report significant negative impacts from a cyberattack occurring during a holiday or weekend compared to a weekday, according to a 2022 survey of cyber defense professionals across sectors by Cybereason, a cybersecurity technology company. In fact, 42% of education IT pros said they take longer to respond and stop holiday and weekend incidents than on weekdays, Cybereason said.
As of Monday, Rochester Public Schools said its investigation has found no evidence so far to suggest any data related to the cyber incident has been used for identity theft or financial fraud.
In Jefferson County Schools, Gonsoulin also said Tuesday he was “very confident” no personally identifiable information was breached in the ransomware attack against his district, though an outside agency is being contracted to monitor any potential breaches.
As the district goes nearly two weeks without a working network in its schools, Gonsoulin said, its technology staff is working “countless hours to fix this issue.”
“However, we first must make sure our data, systems, and machines are appropriately scanned and designated as clean or safe. As we have said from the beginning, this is a process,” Gonsoulin said.
Even if there isn’t a data breach or a district doesn’t pay a ransom as a result of a cyberattack, these incidents can cause significant disruption to learning due to canceled classes or limited technology use.
K-12 schools are also particularly vulnerable to cyberattacks due to a lack of funding and staff shortages, which impact their ability to bolster cybersecurity.
Rochester Public Schools and Jefferson County Schools are not outliers in school cybersecurity concerns. In January, Tucson Unified School District in Arizona and Nantucket Public Schools in Massachusetts were among the latest districts to face high-profile cyberattacks. Others affected by recent cyberattacks include the Los Angeles Unified School District, Iowa’s Des Moines Public Schools, and Arkansas’ Little Rock School District.