Home News Ransomware hits Syracuse schools and Onondaga County library

Ransomware hits Syracuse schools and Onondaga County library

Ransomware, supply chain and ransomware

A recent ransomware attack on Syracuse City School District and Onondaga County Public Library has ceased their network systems and disabled the access to the catalogues and online accounts. The school authorities launched an investigation to determine the source and damage of the incident.

According to the official statement, the hackers infected the school’s network system with Ryuk Ransomware and demanded a ransom to set free. It’s believed that the attacker is linked to a criminal group known as Grim Spider based in Eastern Europe.

“On Monday, July 9th, the district experienced a cyber-event in which our computer files and systems were inoperable.  We have been working with cybersecurity and law enforcement professionals to restore our systems.  We have restored some of our back-end systems (human relations, payroll, student management) and are still working on more public facing systems like the email system,” Syracuse City School District said in a statement.

“At this time, we have no indication that any data was compromised but rather the attack froze the district from accessing our own systems.  Our phone service is working, and offices are open and summer school is in session,” the statement added.

Earlier, San Diego Unified School District reported a data breach that affected more than 500,000 students and staff members. According to the official statement, a phishing scam led to unauthorized access to the staff’s log-in information, including the network services and students’ database.

The security officials at the school district stated they discovered the breach in October 2018. It’s believed that the incident occurred between January 2018 and November 2018. The school district declared the compromised students’ information included social security numbers, names, date of birth, mailing address, home address, attendance records, ID numbers, and phone numbers. Some staff members’ information like payroll, deduction information, tax information, direct deposit financial institution name, account number, salary, and leave information was also compromised.