Classes resume at Michigan community college after ransomware attack

Classes at Kellogg Community College are returning on Wednesday after two days of outages caused by a ransomware attack. 

The Battle Creek, Michigan school told its nearly 7,000 students on May 2 that ransomware had crippled its systems on April 29. The school was forced to shut down all of its campuses and hired third-party security experts to address the issue. 

The outages affected the main campus in Battle Creek as well as branches in Coldwater, Albion and Hastings.

Vice President Eric Greene told The Record that the school is "still working to understand potential impact to staff and student data." Officials did not release information about which ransomware group attacked the school.

"Our investigation is still in the early stages, and we will share updates as soon as we learn more information from our experts," Greene said.

The community college said it was "implementing security measures to prevent any further unauthorized access to our network — including a forced password reset for all students, faculty and staff."

KCC Alert: Since our update yesterday, we have learned that the technology issues we have been experiencing were caused by a ransomware attack that continues to affect our systems. We have been working with our IRT experts to resolve the situation as quickly as possible. (1/4)

— Kellogg Community College (@Kellogg_CC) May 2, 2022

Officials said the attack was particularly disruptive because students are in the process of preparing for finals. Several who spoke to local news outlet WWMT said they had multiple final exams and essays due on May 1. Classes for the semester end on May 9. 

Staff at the school were able to return to campus on Tuesday and classes resumed on Wednesday. 

The school now urges all students to set new passwords and set up multi-factor authentication for access to the online system.

"We want to reassure our faculty and students that we will take any actions necessary for students to complete course work in a timely manner."https://t.co/8dZf7dNsdh

— Kellogg Community College (@Kellogg_CC) May 2, 2022

The attack on Kellogg Community College would make it the 13th reported ransomware attack on a university or college in the U.S. this year, according to Emsisoft threat analyst Brett Callow.

Callow, who tracks ransomware attacks against schools and local governments, noted that nine school districts in the U.S. have also been attacked this year. Several universities and colleges have been attacked by the BlackCat (ALPHV) ransomware group. 

In 10 of the 13 attacks, data exfiltration was involved. 

Last week, Austin Peay State University sent out urgent messages to students and faculty warning of a ransomware attack affecting the school’s systems.

Ohlone College, Savannah State University, University of Detroit Mercy, Centralia College, Phillips Community College of the University of Arkansas, National University College, North Carolina A&T University, Florida International University, Stratford University are just a few of the U.S. schools attacked with ransomware this year.