K-12 school districts in New Mexico, Ohio crippled by cyberattacks
Cyberattacks on K-12 schools across the U.S. continued this week with both the Fort Sumner Municipal Schools in New Mexico and Washington Local Schools in Ohio suffering from incidents.
The Cl0p ransomware group’s leak site this week displayed sensitive information from students, faculty members and parents from Fort Sumner Municipal Schools. The leak included scans of driver’s licenses and more.
Matt Moyer, superintendent of Fort Sumner Municipal Schools, confirmed that the district was attacked in a statement Thursday to The Record.
“We are currently working to address a recent cyber security incident affecting our servers. On behalf of the district, we engaged cyber-counterintelligence experts to negotiate and maintain the privacy of the impacted data but unfortunately the threat actor acted in bad faith and has released the information,” Moyer said. The FBI is also involved, he said.
On Wednesday, the Washington Local Schools released a statement on Twitter saying a cyberattack affected phone, email, internet and WiFi networks as well as all Google Classroom systems.
The district did not respond to requests for comment but said in a statement that cyber forensic teams were hired to “assist with the investigation and recovery.” There was no further information about the nature of the attack or the suspected perpetrators.
“Please understand that teachers and staff do not have access to outgoing or incoming calls or email at this time,” the district said.
An emergency phone number for each school in the district will be provided in a letter sent home with students.
“At this time, we are just beginning to learn some of the details of the attack. If you have a senior, we are working to ensure a smooth exam process and make their final two days memorable,” district officials added.
Emsisoft threat analyst Brett Callow tracks cyberattacks and ransomware incidents targeting school districts and colleges.
He noted that at least 10 U.S. school districts with 237 schools among them have been hit by ransomware this year.
“That may not seem like a win, but it’s less than half the number of districts which had been hit by this time last year (21),” Callow said.
“It’s unclear whether the decline in numbers is random and temporary or due to districts finally having improved their security or because of other factors. Time will tell.”