California community college Río Hondo dealing with cybersecurity incident

Río Hondo College in Southern California is dealing with a cybersecurity incident that limited campus functions for days before most services were returned.

The school, which serves more than 31,000 students in the Los Angeles metro region, did not say when the issues began but wrote in an October 23 Facebook post that access to its website and other school-run tools had been restored.

The next day, the school added that its IT team had resolved an issue that limited the college’s ability to disburse financial aid. Financial aid disbursements were sent out on October 26.

At the time, the school did not identify the disruptions as related to cyberattacks but on Tuesday the LockBit ransomware gang added the school to its list of victims, giving officials until November 20 to pay an undisclosed ransom.

#LockBit has listed Rio Hondo College in Whittier, CA. #RHC #ransomware 1/2 pic.twitter.com/lZmeP9whAB

— Brett Callow (@BrettCallow) October 31, 2023

In a statement to Recorded Future News, the school acknowledged that the outages were due to a cyberattack but did not call it a ransomware attack.

“After learning of this incident, we immediately began an investigation to determine the cause and scope of the incident,” a spokesperson said.

“We want our students and the Río Hondo community to know that we place a high value on maintaining the integrity and security of the data we hold in our systems, and we are working diligently to complete our investigation of the incident. We will provide an additional update once our investigation is complete.”

The school did not say whether a ransom would be paid or if law enforcement is involved in the response.

Emsisoft ransomware expert Brett Callow said the attack was the 69th on a university or college this year, an all-time record far surpassing the 44 seen in 2022. The attacks on higher education this year do not include the hundreds of schools affected by the MOVEit data breaches, Callow added.

Just in the last two months, Stanford University and the University of Michigan have confirmed attacks that had serious effects on campus networks, student data and more. Ransomware gangs have also shown a proclivity for targeting community colleges in the last year, attacking several across the U.S.

In spite of rumored dissension within its ranks, the LockBit ransomware gang has continued its unparalleled streak of devastating attacks across the world, far outpacing any of its hacking rivals.

The group launched at least 81 attacks in September and has already claimed attacks on several New York hospitals, a Virginia school district and multibillion-dollar technology services firm CDW.