Ransomware hits K-12 district in Connecticut

Bridgeport Public Schools, a K-12 district in Connecticut about 40 miles northeast of the Bronx, became infected by ransomware on Friday, Jeffrey Postolowski, director of technology services, confirmed to EdScoop.

First reported by the Connecticut Post, the cyberattack originated from a virus dispatched by a malicious outsider and has encrypted district data to hold it hostage for a ransom. The district has not stated the amount of the ransom or whether it will pay it rather than take steps to decrypt the locked data itself. The district superintendent’s office did not respond to an email requesting answers to these questions.

Postolowski told the Post that there was no evidence of any data theft in the attack. However, several teachers have lost access to lesson plans and teaching materials saved on work computers, the Post reports. Teacher and student work saved on cloud-based platforms appears to have been unaffected and the district’s PowerSchool platform — which houses student data — was untouched.

The district’s IT department reportedly began taking steps to remedy the problem over the weekend, but the district declined to say how far along their IT team is in the recovery process.

Postolowski said he is working towards a solution with help from the Multi-State Information Sharing and Analysis Center to resolve the incident quickly.

Though how the malicious actors gained access to the district’s system is unknown, the Post reported that teachers were instructed to change email passwords and warned to not bring personal computers to the office, generating speculation that the actors may have gained system access through a successful phishing attempt. Phishing attempts are the most common hacking method used to target K-12 districts, demonstrating that human error is a prominent threat to school data.