Ransomware shuts down classes, childcare centers in Flagstaff, Arizona
School administrators announced Thursday that all classes in Flagstaff Unified School District in Arizona would be canceled for the day following the discovery of a ransomware infection on district computers.
ABC 15 reported that the district — which has 16 K-12 schools and more than 11,000 students — wrote in a letter that the cyberattack had “impacted the ability of FUSD schools to operate normally.” The schools say they’ve had to shut down some computer systems, but could not specify which ones, citing an ongoing investigation into the event.
The attack, which administrators said did not expose any personal student information, also led the district to cancel other educational programs and facilities for the day, including childcare centers, district preschools, and the Family and Community Teaming for Students program, also known as FACTS, which provides after-school activities for children ages 5 to 12.
Zachery Fountain, the district’s director of communications, told EdScoop that the district first learned of the ransomware on Wednesday morning after being notified by staff who had noticed some “peculiar items.”
He said the district followed its response plan and disconnected from the internet by the afternoon, which is why classes had to be canceled.
“We do have redundant systems for our daily operation but we had to make sure all would be accessible before we had kids on campus,” Fountain said.
He said the district is now working with a “third-pary cybersecurity team” but declined to say which law enforcement agencies might be involved. The type of ransomware involved, the amount requested and whether the school is considering paying the ransom are also issues that Fountain said the district will keep private during its investigation.
Fountain said the district notified families as soon as it could once it decided the schools would be closed.
“We understand families are working through that and we appreciate their patience,” he said.
Flagstaff Unified School District is but the most recent victim in a string of escalating ransomware attacks against state and local governments and schools in recent months. There have been more than 70 such attacks reported this year, including several high-profile payouts.
A public school district in Rockville Centre, New York paid nearly $100,000 to restore access to its files and systems last month, while other recently affected districts include Moses Lake School District in Washington, Mineola Public Schools in New York, New Kent County Public Schools in Virginia, Nampa Idaho School District in Idaho and three others in Connecticut. Though not a school district, an official from New Bedford, Massachusetts, announced Wednesday that hackers had overtaken his city’s systems, demanding more than $5 million, which the city ultimately did not pay.