Buffalo Public Schools was forced to cancel both remote and in-person learning today due to a ransomware attack that hit the school district on March 12, local news outlets report. Remote learning was also canceled Friday.
The cyberattack struck as schools were planning to welcome back third, fourth, ninth, and eleventh grade students as part of a phased school reopening. On Friday morning, the district released a statement describing an "unanticipated interruption" in its network systems, WGRZ reports.
Superintendent Dr. Kriner Cash said the FBI is helping the school district in the wake of the incident. It's also getting assistance from major corporations such as M&T Bank and security company Grey Castle, with which Cash approved an emergency contract to look into the attack.
IT staff began to take systems offline on Friday morning as an "urgent precautionary measure," Cash wrote in a letter shared to the district's Facebook page. The district plans to use today to "pressure test system restoration and access" and communicate necessary information for students to access virtual learning tools once classes can resume.
So far, investigators have not determined that personally identifiable information has been exposed, though Cash notes the investigation is in its early stages and will be ongoing for at least two more weeks. The team has identified key findings related to the attack's root cause and potential effect on Buffalo Public Schools systems, he says.
K-12 schools across the US faced a record number of security incidents in 2020, the K-12 Cybersecurity Resource Center reported last week. The center recorded 408 publicly disclosed security incidents last year, an increase of 18% from 2019 and its highest number since it began tracking incidents in 2016.
Read more details here.