Add Monroe Public Schools in Michigan to any list you may be keeping of schools hit by ransomware.
On January 7, external counsel for the district notified individuals about an incident the district discovered on June 10, 2021 when certain systems and files were encrypted. The district reports that it immediately secured their network and removed the malware from their system, and worked to restore data and functionality.
Their investigation concluded that between June 9, 2021 and June 10, 2021, in addition to encrypting files, an unauthorized party exfiltrated what they describe as a “limited number” of files and folders from the district’s system.
Because portions of the copy of the notification letter were redacted, it is not clear exactly what data types were involved for those being notified, but it appears that for at least some, social security numbers were involved. There is no indication that student or parental information was involved, and the district stated it has
no indication or evidence that any of that data has been or will be misused.
They do not reveal the type of malware and whether there was any ransom demand.
Letters have reportedly gone out to 1,201 individuals affected by the breach. Whether they are current or former employees or both is not indicated in the submission to the Maine Attorney’s General Office.