Des Moines Public Schools, the largest school district in Iowa, today confirmed that a ransomware attack was behind an incident that caused it to take all networked systems offline on January 9, 2023.
Although the school district also received a ransom demand following the attack by an anonymous ransomware group, the ransom was not paid.
Nearly 6,700 people whose data was affected by the resulting data breach will be contacted this week with details of the personal information that has been exposed.
“The cyberattack on DMPS included a ransom demand. No ransom has been or will be paid in response to this attack based on the advice of our cybersecurity experts and what is in the best interest of the school district and community”, Des Moines Public Schools said.
“As a precaution, those potentially affected are being offered free credit monitoring services. The letter also includes information for recipients on how they can place a fraud alert on their credit report, place a freeze security on their credit report and get a credit report.”
Following the January ransomware attackthe school district canceled all classes for several days beginning Jan. 10, after internet and network services were also taken offline while the incident was investigated.
The Des Moines Public Schools system employs more than 5,000 staff and serves more than 31,000 kindergarten through high school students in more than 60 schools.
Various other school districts in Iowa, such as the Cedar Rapids Community School DistrictTHE Davenport Community School Districtand the Linn-Mar Community School Districtwere also hit by ransomware last year, according to a Des Moines Register report.
Brett Callow, threat analyst at Emsisoft, recently said that ransomware groups had hit at least 37 K-12 school districts in the United States since the start of the year.
According to Emsisoft, the year 2022 has seen 89 ransomware attacks targeting organizations in the education sector in the United States. Of these, 44 attacks hit universities and colleges, while 45 targeted school districts. In at least 58 of these incidents, the attackers also managed to steal data from the victims’ networks.
A notable casualty was the Los Angeles Unified School District (LAUSD), the nation’s second-largest school district. The Vice Society ransomware gang claimed responsibility for the attack And published the stolen data a month later.
Significantly, the LAUSD breach coincided with a joint council from the FBI, CISA and MS-ISAC, warning that US school districts were increasingly becoming the target of the Vice Society ransomware gang.
In November 2021, several US senators urged the US Departments of Education and Homeland Security to bolster cybersecurity protections in K-12 schools in response to the growing wave of ransomware attacks.
Attacks on educational institutions have severely affected their day-to-day operations, including canceled school days, interrupted exams, non-existent or restricted access to data and networks, and the compromise of personal information belonging to students and to school staff.