Iowa's largest school district says January ransomware attack affected over 6,500 individuals

The school district, which has 65 schools and more than 30,000 students, said that it was “alerted to a cyber security incident on its technology network” on 9th January. The school district said it immediately disconnected its network from the internet as a precaution and took its network services offline to contain the security incident.

“Because many technology tools that support both classroom learning, as well as the management and operation of the school district, are not available at this time, the prudent decision is to close the district for the day,” it said.

While school offices remained open, access to the internet, WiFi, and various networked systems, at school buildings and district offices were either offline or intermittent throughout the day which indicated that district staff were working remotely while the schools investigated the cyber attack with assistance from consultants.

In a recent notice on its website, Des Moines Public Schools said that it is “reaching out to nearly 6,700 individuals this week to notify them of a data security incident that occurred earlier this year. The incident, which involved a cyberattack against the school district in January, may have resulted in the exposure of personal information belonging to those individuals”.

The school district added that the threat actors behind the cyber attack demanded a ransom in exchange for deleting the stolen data. The district, however, decided against paying the same as meeting the threat actors’ demands doesn’t guarantee the deletion of the compromised data.

“No ransom has been or will be paid in response to this attack based on the advice of our cybersecurity experts and what is in the best interest of the school district and community,” the school district added.

Following the cyber security incident, DMPS took immediate steps to enhance the security features of its internal systems and implemented “further technical safeguards” to avoid such incident in the future.

Also, all affected individuals who will receive a notice of data breach from DMPS will be eligible for complimentary credit monitoring services. The letter includes details on how affected individuals can place a fraud alert and put a security freeze on their credit file and obtain a free credit report.

Matt Smith, Interim Superintendent of DMPS, said, “We want to express our deepest gratitude to everyone for their patience and understanding as we address this unfortunate incident.

“Data breaches have become all too common for public agencies and private businesses alike, and we recognize the impact they can have on individuals,” he added.