The Huntsville City Schools district in Alabama hasn’t fully recovered from a ransomware attack that disrupted its IT network on November 30.
After confirming the attack on school districts’ servers, officials shut down schools and campuses, announcing that students and teachers will not engage in remote learning activities.
Students and employees were urged to turn off their district- issued devices to mitigate the spread of the ransomware infection. Families were also advised to watch out for phishing emails asking for HCS student information.
“Families will not receive any district correspondence requesting their student’s name or personal information,” the district warned. “HCS encourages families to be extremely cautious in sharing personal information with anyone. Avoid opening any emails and do not click on any links from unfamiliar email accounts.”
In a letter posted yesterday by HCS Superintendent Christie Finley, families were told that no student information appears to have been compromised.
“Our IT Team, in conjunction with our outside cybersecurity experts, has confirmed the third-party systems hosting student information were not compromised as part of this threat,” Finley said. “These systems include iNow and PowerSchool.”
However, it appears that Windows operating systems used by high school students and teachers are at risk, and the school district plans to replace them.
“There is no evidence at this time to suggest that Chromebooks used by students in grades K-8 were impacted,” Finley added. “Our main area of focus is for Windows devices, which are used by high school students and teachers. As a precautionary measure, we are making plans to collect all high school student devices and replace all teacher devices. We will be working to re-issue high school student devices as quickly as possible.”