Athens ISD was the victim of a “ransomware” attack on the district’s computer system. The attack struck encrypted data on the district’s servers, including backups systems and hundreds of computers. Access to all data has been blocked, including teacher communications, student schedules, grades, and assignments. The school board has voted to pay $50,000 to recover the data. They delayed the start of classes by at least one day.
Statement From Athens ISD
AISD attacked by ransomware; the start of school delayed (version en Español Abajo)
As if the COVID-19 virus weren’t enough of a challenge, another type of virus has wreaked havoc for Athens ISD — this time in the form of a criminal ransomware attack. The ransomware encrypted all of the data stored on school district servers, including multiple data backups and a few hundred district computers. As a result, access to all data has been blocked, including teacher communications, student schedules, grades, and assignments.
The attack comes at a critical time, just days before the school year’s scheduled August 3 start. As a result, the first day of school must be delayed by at least a week to August 10. AISD Superintendent Dr. Janie Sims said she would notify parents no later than next Thursday, August 6, if the one-week delay will need pushing out another week.
“The first thing we want to do is ensure our staff and student families that no personal data has been compromised to the best of our knowledge,” said Sims. “Whoever is behind this attack has not taken the information; they have encrypted it, so we have no access unless we meet their ransom demand.”
In an emergency meeting at noon today, the trustees’ board voted to pay the ransom amount of $50,000, using a cryptocurrency, such as bitcoin. AISD does have cyberattack included in its insurance coverage, and the school is processing a claim.
“We can’t afford not to pay it,” said AISD Board President Alicea Elliott. “It would take us months to rebuild all that data so that we could start school.”
“I want our families to know we will keep them informed,” said Sims. “This is a rapidly evolving and complex situation, and we are still working out the level to which we’ve been impacted and how best to respond.”
Members of the Athens ISD Technology department work closely with teams from the Region 10 Educational Service Center and a division of the Center for Internet Security to resolve the situation.
“They have indicated [our IT department] could not have done more to mitigate this happening,” Sims told the board, noting later: “This has happened to at least six or seven other districts in East Texas.
We prepared as much as we could. There’s no way to be 100 percent safe.”
According to the cybersecurity research firm Emsisoft, they hit the U.S. by an unprecedented barrage of ransomware attacks in 2019 that impacted at least 966 government agencies, educational institutions, and healthcare providers.