Cyberattack potentially compromises data of students and employees in Alabama

Cyberattack potentially compromises data of students and employees in Alabama
Cyberattack potentially compromises data of students and employees in Alabama

This audio is automatically generated. Please let us know if you have any feedback.

Diving certificate:

  • A cyberattack on June 17 against the Alabama Department of Education Student and staff data may have been compromised, including some personally identifiable information.

  • The state Department of Education denied hackers access to all of the attacked servers in an effort to lock down the department’s computer system, according to a July 3 statement. The cybercriminals were still able to access some data and disrupt services before the department’s information systems staff were able to stop the cyberattack.

  • All services have now been restored and additional cybersecurity protocols have been implemented in the department. A criminal investigation into the cyberattack is also ongoing. The agency added that it does not negotiate with foreign actors or extortionists because the FBI warns against paying hackers.

Diving insight:

Following last month’s cyberattack, all of the Alabama Department of Education’s data was restored using clean backups.

The department still does not know exactly what information was compromised, but it is working with the FBI and other experts to monitor the aftermath of the incident.

“Like other public schools, government agencies, hospitals and businesses that have been targeted by criminals, Syndicates, it is disappointing and disheartening to learn that hackers were able to break through our security system to access data,” the department said in its July 3 statement.

The incident occurred one year after the Minnesota Department of Education fell victim to a global cyberattack on MOVEit software, which is commonly used by government agencies and companies to transfer sensitive data files. The stolen data included the names of 95,000 students in the state’s foster care system, including their birth dates and the counties in which they were placed.

While public education agencies rarely disclose cyberattacks, schools and districts are more likely to report being victims of ransomware attacks. Ransomware is a particularly common type of cyberattack that uses malicious software to prevent access to computer files, systems, or networks until a ransom is paid.

Such incidents are costly for schools and often result in a breach of sensitive student and staff data. For example, the cost of ransomware attacks on K-12 and higher education institutions around the world that occurred between 2018 and September 2023 is estimated at over 53 billion dollars in downtime.

More recently, the Los Angeles Unified School District said it is investigating claims that its millions of district records are for sale on the dark web. It is unconfirmed whether the alleged LAUSD data for sale for $1,000 is related to a major ransomware attack on the district in September 2022.

As ransomware attacks continue to pose a real threat to the education sector, the federal government is developing cybersecurity resources and support for school districts and state departments of education.

Earlier this year, the U.S. Department of Education and the Cybersecurity and Infrastructure Security Agency established a Government Coordination Council for the Educational Institutions subsector. The council aims to expand cooperation among federal, state, tribal, and local government to strengthen schools’ cyber defenses.

The Federal Communications Commission also approved a three-year Cybersecurity Pilot Program for Grades K-12 in June, and eligible schools and libraries can use these funds to secure their networks. A CISA official also recently shared with K-12 Dive the latest Cybersecurity resources for schools through the Agency, including a free service to scan and test local authorities’ vulnerabilities in their external networks or public web applications.

Leave a Reply

Your email address will not be published. Required fields are marked *