Highline Public Schools, based in Washington, revealed that a significant amount of personal, financial, and medical information had been compromised due to a ransomware attack that occurred in September 2024. The K-12 school district, which oversees 34 schools with approximately 17,500 students and 2000 staff members in Washington state, recently completed a forensic investigation into the incident. The investigation uncovered that an unknown individual had gained access to certain systems on the network and retrieved specific files.
The data that was compromised in the attack included a wide range of sensitive information such as names, addresses, dates of birth, social security numbers, driver’s license numbers, financial account details, passport numbers, employment information, digital signatures, medical records, health insurance information, student ID numbers, student records, demographic information, and grade details. The extent of the data accessed varied among individuals affected by the breach.
Highline Public Schools took immediate action to secure their systems and initiated a comprehensive investigation upon discovering the incident. The district has also enlisted the help of third-party computer forensic specialists to assist in the aftermath of the attack. Additional security measures are currently being implemented to prevent similar incidents from occurring in the future. The ransomware attack was promptly reported to federal law enforcement for further investigation.
In response to the breach, Highline Public Schools encouraged individuals impacted by the incident to remain vigilant in monitoring their accounts for any signs of identity theft. The district is offering free credit monitoring and identity protection services for a period of 12 months to members of the Highline community affected by the breach. This assistance aims to help mitigate any potential repercussions of the compromised data.
The ransomware attack, which was discovered on September 7, 2024, prompted the immediate isolation of critical systems within the district. As a precautionary measure, all schools and activities under the Highline Public Schools jurisdiction were shut down for three days following the discovery of the attack. The closure included the postponement of the first term date at kindergarten for the 2024/2025 school year. It wasn’t until October that network systems were fully restored, with all student and staff devices undergoing a re-imaging process.
Highline Public Schools confirmed in early October that the incident was indeed ransomware-related. The disruption caused by the attack underscores the growing threat of cybercrime against educational institutions, highlighting the importance of robust cybersecurity measures to safeguard sensitive information. As schools grapple with the aftermath of ransomware incidents, the need for heightened security protocols and proactive measures becomes increasingly apparent to protect student and staff data from future breaches.