Jefferson County Schools victim of ransomware attack
The Jefferson County School System said it was the victim of a ransomware computer attack during Spring Break.
The school system said in a news release that its technology team “took immediate steps to stop the attack and notified state and local authorities.”
According to the U.S. Cybersecurity and Infrastructure Security Agency, ransomware is “a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.”
Attackers sometimes also threaten to release sensitive data unless a ransom is paid.
The school system said preliminary investigations have not revealed any evidence of a breach of sensitive personally identifiable information.
“We will continue to investigate any possibility of compromised data and notify stakeholders accordingly if discovered,” the news release stated. “We have engaged outside cybersecurity experts and law enforcement officials to assist.”
The district said it uses multiple security protocols including filtering, firewalls, and antivirus systems, which allowed them to catch the attack early.
“Out of an abundance of caution, we have taken all network systems down to investigate thoroughly,” the system said. “These networks will be reconnected as we take steps to ensure all traces of malware are gone.”