On Thursday, Highline Public Schools, a K-12 educational district, announced that a ransomware incident had compelled the closure of all its schools in early September.
Highline Public Schools employs over 2,000 staff members and provides a wide array of programs from early childhood education to college readiness. The district caters to more than 17,500 students across 34 institutions located in the communities of Burien, Des Moines, Normandy Park, SeaTac, and White Center in Washington State.
Following the detection of unauthorized activity on its network after a security breach on September 7th, the school district was obligated to suspend all school operations and cancel extracurricular activities.
While Highline’s central office remained operational with staff required to report for duty, an investigation into the attack’s ramifications commenced. The district sought assistance from third-party experts as well as state and federal partners to restore affected systems.
“In response to this situation,” stated the school district this week, “we engaged a third-party cybersecurity forensic expert who confirmed that the unauthorized activity was indeed ransomware.”
The statement continued: “We have informed the FBI about this incident and are cooperating with their ongoing investigation. Due to its sensitive nature, we cannot provide further details regarding any potential law enforcement inquiries at this moment.”
Current Status of Highline Public Schools
As efforts continue to rebuild compromised network systems for reactivation online services are underway; starting October 14th all student and staff devices will undergo re-imaging.
“We are diligently working on restoring our network infrastructure,” said officials. “Beginning during the week of October 14th technology services personnel will prompt both staff and students to update their network passwords. Furthermore, we will be re-imaging all Windows devices provided by our district.”
The restoration plan includes prioritizing access for tools authenticated through ClassLink during that same week.
Notably exempt from re-imaging are Chromebooks and Apple devices; however tech personnel along with students must reset their passwords before accessing these devices again.
At present time there is no additional information available concerning specifics about the ransomware group responsible for last month’s cyberattack or whether any personal data belonging to employees or students has been compromised or stolen during this event. As a precautionary measure though; every employee within Highline is being offered one year’s worth of complimentary credit monitoring services along with identity protection resources.
This ransomware attack targeting Highline Public Schools adds itself onto an alarming trend where educational institutions across North America—and globally—have increasingly fallen victim to similar cyber threats.
For example in June earlier this year; Toronto District School Board (TDSB)—the largest school board in Canada—reported experiencing its own ransomware attack which disrupted its software testing environment significantly impacting operations at one point.
Additionally during June attackers infiltrated Mobile Guardian—a digital classroom management platform—resulting in remote data wipes affecting approximately 13 thousand iPads and Chromebooks utilized by students spanning North America as well as Europe and Singapore.
Ananya Upadhyay is an experienced freelance journalist specializing in investigative reporting on health and environmental issues. She is a college student and contributes to The Right Opinion, she delivers impactful news with deep analysis to inform and engage global audiences.
