The cybersecurity incident that led to Iowa’s Des Moines Area Community College temporarily canceling classes was a ransomware attack, the college told EdScoop Monday.
An emailed statement from school leaders did not specify any demand or whether it had been paid. A DMACC spokesperson declined to provide details on those topics.
The breach has caused closures since June 3, though in-person classes resumed last week. Online-only classes are finally scheduled to resume Tuesday, according to the school’s website. The community college plans to restore “priority” networks on Monday, according to the website.
“Out of an abundance of caution, we proactively took our systems offline to contain the threat,” the statement reads. “Our investigation is ongoing, but, at this time, we cannot say for certain what information or data, if any, has been impacted as a result. Our primary focus remains on a safe and efficient remediation process and the restoration of our systems. We will provide updates to our community as new information from our investigation becomes available.”
The college is also using social media posts and a mass text alert system, called Rave, to distribute information. Students should not log in to Blackboard, the college’s learning management system, or other university systems yet, according to the website, but wait for an alert that it’s safe to do so.
DMACC administrators said they hired a forensic firm to investigate the incident and that they’ve notified law enforcement, including the FBI, and the Department of Education. The FBI’s Omaha office is working with local law enforcement, the Des Moines Register reported.
Ransomware attacks against higher education institutions doubled between 2019 and 2020, according to a recent report. Sierra College, a community college in Northern California, had services taken offline in a May ransomware attack. Several branches of the University of California system were affected earlier this year by data breaches through a third-party vendor, Accellion.