FinalSite ransomware attack shuts down thousands of school websites

School Ransomware

FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide.

FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and universities across 115 different countries.

On Tuesday, school districts that hosted their websites with FinalSite found that they were no longer reachable or were displaying errors.

At the time, FinalSite did not disclose that they had suffered an attack but simply said that they were experiencing error and “performance issues” across various services, affecting mostly their Composer content management system. 

“This impact may include, but is not limited to, Groups Manager, Constituent Manager, Login, Forms Manager (old), Registration Manager, Directory Elements, Athletics Manager, Calendar Manager,” reads the FinalSite status page.

A school IT administrator told BleepingComputer that FinalSite did not provide them with a time frame as to when services would be restored and were forced to send emails to parents alerting them of the outage.

“Our website is currently down due to an issue that our service provider is experiencing. We apologize for any inconvenience this may cause you,” read an example outage email shared with BleepingComputer.

In addition to the website outages, a system administrator shared on Reddit that the attack prevented schools from sending closure notifications due to weather or COVID-19.

“Many districts are complaining that they are unable to use their emergency notification system to warn their communities about closures due to weather or COVID-19 protocol,” explained the Reddit post.

Outages caused by a ransomware attack

After three days of disruption, FinalSite confirmed today that a ransomware attack on their network is causing the outages.

“We are incredibly sorry for this prolonged outage and fully realize the stress it is causing your organizations. While we have made progress overnight to get all websites up and running, full restoration has taken us longer…