Newberg-Dundee School District Target of Ransomware Cyber Attack
On June 12, 2024, the very next day after the Newberg school board took on interim superintendent Paula Radich in a highly controversial public meeting, Radich announced through a district wide email that the school computer network had been subject to a cyber attack.
As Radich claimed that the attack had been reported to federal authorities, I inquired to the FBI and received the following reply. According to the FBI the cyber attack against the Newberg-Dundee School District was ransomware in nature.
A ransomware attack involves malicious software that encrypts data on a computer system, rendering it inaccessible until a ransom is paid. In public school districts, ransomware typically targets sensitive information such as student records, financial data, and administrative documents. These attacks aim to extort money from the district by threatening to permanently delete or publish the data if the ransom demands are not met. Recovery from such attacks often involves significant IT resources and can disrupt educational operations.
Now is a good time for me to mention that just an hour before Radich had her email sent out to the entire district, the following email was sent by Jillian Daley stating that the district’s computer network and even the phone lines were down, due to an “issue with the internet”,
This is why I find it fairly odd that when I inquired to the school district about if the ransomware attack had resulted in the compromise of any personal data belonging to students or employees, I received a reply back from a California based law firm which I had never heard of before,
This law firm, Constangy, Brooks, Smith and Prophete, has a page where the firm states one of its specialty areas is responding to legal matters related to cyber security attacks, which is peculiar.
If no private data of employees and/or students was compromised, why does the Newberg school district need a law firm that purports to specialize in defending clients against lawsuits from “data security incidents” where private information was compromised?
The tl:dr of all of this…
