Rochester Schools Still Suffering 1 Month After Cyber Attack

Rochester Public Schools, based in Minnesota, was hit by a significant ransomware attack on 6th April 2023, disrupting its operations and affecting thousands of students, teachers, and staff members. The attack was first detected at 4:30 a.m. by a member of their IT team, initiating a damage control process that has already lasted over a month and still continues to see a lasting effect. The district’s Chief Administrative Officer, John Carlson, informed the Rochester School Board that the breach occurred through a compromised third party vendor account. As the situation escalated, classes were forced to be cancelled for a day, and the district had to disconnect its virtual networks in an effort to contain the spread of the attack.

The ransomware attack has had profound implications. A ransom note was discovered which stated the entire network had been encrypted and the attackers then threatened that critical data would also be leaked. The cost of preventing the release the data was contingent on how quickly the district responded. The attack forced the district to reassess how lessons were delivered, with teachers adopting innovative methods to ensure continuity in education. For instance, some teachers took their classes outside, taking advantage of the warmer weather and were forced to adapt much of their existing teaching materials without access to their main systems.

Despite these efforts, the attack has had significant ramifications. Minnesota Comprehensive Assessments which had been scheduled were postponed, the ACT college entrance exam was cancelled, and several district buildings were left without functioning air conditioning systems. Uncertainty has continued to persist regarding the scope of the attack, with concerns about potential financial fraud or identity theft related to leaked data from the attack.

The attack on Rochester Public Schools reflects a troubling trend of escalating cyber attacks on educational institutions around the world. Many Schools are attractive targets due to the money they manage, the vast amount of personal information they collect, and unfortunately in some cases, weak cyber security, paired with poorly managed IT systems. The district has advised parents and staff to take proactive measures, such as changing passwords and freezing payments and more to prevent potential identity theft.

The Rochester incident demonstrates the critical importance of robust cyber security measures in the education sector. One2Call work closely with Schools, Academies, Trusts, Education Charities and much more to ensure that they have the best Cyber Security policies and practices in place to protect students, parents and staff alike. We also provide Internet Connectivity services, telecoms Solutions, CCTV and even Facial Recognition access control to staff and office areas. If you would like to see if your business or school is following the best Cyber Security policies and practices, click the link below to download our FREE Cyber Security Self Assessment form.

Latest News Stories