Organizations today operate under the constant looming threat of cyber attacks. While reactive cybersecurity measures will help organizations respond to past and present threats, offensive measures are the only chance to get ahead of attackers and beat them to the punch. There is now a greater call for offensive solutions like penetration testing a…
Des Moines Public Schools says some data was exposed in a confirmed ransomware attack that caused major disruptions in early January and canceled school for two days.
They’re just not saying what data — at least for now.
Interim Superintendent Matt Smith confirmed Friday the data compromise during the cyberattack but said the district is still investigating. Those affected by the data breach will receive a notification letter, he said. No timeline has been set.
“We’re still gathering the information on exactly the who and the what of that exposure of that information,” Smith said. “But as that information is becoming available, we’ll be reaching out to those individuals specifically, again, by U.S. Mail.”
Smith declined to say what new cybersecurity features were implemented because it could make the district vulnerable to another attack.
“I can tell you that we take it very, very seriously, and we are taking the necessary steps to ensure that any vulnerability that we may have is being shored up,” Smith said. “I can’t go into any more details other than that.”
On the morning of Jan. 9, IT staff at Iowa’s largest school district took 71 buildings — including 63 schools and the virtual secondary school — offline to limit the ransomware’s impact. For the next two days, about 30,000 students were out of school as staff worked to restore servers, the internet, networks and websites.
Students returned to school without internet Jan. 12, and wifi was not restored to all buildings until Jan. 27, district officials said.
The loss of two schools days caused officials to move back the last day of school from May 31 to June 2.
“We’ve got internet back up and running and a lot of our systems are restored,” Smith said, “and so school as we know it prior to Jan. 9 is in full effect.”
The IT staff investigated, along with the district’s cyber insurance company and the local offices of the Federal Bureau of Investigation and Department of Homeland Security.
More:What to know about the Des Moines Public Schools cyberattack and how it affects classes
Officials did receive a ransom request.
“Given where we…
Some data from the Des Moines Public Schools District is in the hands of hackers after a district-paralyzing ransomware attack last month. The district says it’s now working to determine exactly what was exposed – and who was impacted.District leaders would not say if they paid a ransom in the attack.DMPS took its systems offline on Jan. 9, and canceled classes for two days after discovering the attack.The district says if your data was impacted, it will let you know by mail.”If we learn that information about you has been taken from our systems, we are going to let you know as soon as possible and as soon as we can,” Superintendent Matt Williams said.The district did not say what data may have been exposed. It says it could be months before the attack is fully resolved.
Some data from the Des Moines Public Schools District is in the hands of hackers after a district-paralyzing ransomware attack last month.
The district says it’s now working to determine exactly what was exposed – and who was impacted.
District leaders would not say if they paid a ransom in the attack.
DMPS took its systems offline on Jan. 9, and canceled classes for two days after discovering the attack.
The district says if your data was impacted, it will let you know by mail.
“If we learn that information about you has been taken from our systems, we are going to let you know as soon as possible and as soon as we can,” Superintendent Matt Williams said.
The district did not say what data may have been exposed. It says it could be months before the attack is fully resolved.
