The Providence Public School Board, which oversees 39 schools in Rhode Island, recently faced a data breach that disrupted the network and caused a week-long internet outage.
According to local news reports, the Providence Public School District (PPSD) faced a weeklong internet outage beginning on or around September 11th.
In a letter to families, PPSD said that on September 11th, “Staff detected irregular activity on our network and took immediate action to investigate and address it.” The district also contacted a third-party IT company for additional support. The company suggested that the District shut down the network and conduct a forensic investigation. As a result, internet access was down at all PPSD sites. As of September 18th, the network remains down. PPSD has secured hot spots to help maintain essential services.
On September 16th, hacker group Medusa took credit for the attack, claiming to have parent emails, phone numbers, addresses, and identifying information for district employees. In total, the malicious organization claimed to have over 200 gigabytes of data and demanded a $1 million ransom from PPSD to not leak it.
So far, PPSD has not paid the ransom. It’s generally advised that organizations do not pay ransoms, as it can make them more likely to be targeted in future attacks.
Medusa, a globally-operating ransomware organization with members from the United States, Israel, England, Australia, and India, published a landing page with screenshots of some of the data. Many screenshots included private information, like invoices, student rosters, information about students receiving special education, and more.
The hackers are giving PPSD until September 26th to pay the ransom, or they plan to release the data.
Schools often tend to contain significant private information–from student health and disability information, to Social Security numbers and more. All of this data can be valuable to criminals who often steal information in hopes of committing identity theft or credit fraud.
Minors have become increasingly targeted by cybercriminals. According to Experian, 25% of minors will become victims of identity theft or fraud before they turn 18, which can make it difficult for them to establish credit once they become adults.
In addition, all student data is protected under FERPA law, and PPSD may face repercussions if it fails to secure data.
Lastly, many schools are increasingly reliant on the internet for learning. From accessing videos or texts to using online word processors, many students spend at least some part of their day online. The network disruption likely impacted learning, and hotspots may not have been enough to fully restore regular operations.
Schools hold numerous amounts of sensitive data, from academic information to health records and more. While it’s currently unclear how the breach began, PPSD will likely evaluate their current cybersecurity measures to ensure a breach like this does not occur again.
Medusa still holds sensitive data, so we don’t fully know how this event will play out.
Related: HIPAA Compliant Email: The Definitive Guide