Ransomware Postpones First Day of School for Hartford Students

As educators, parents and students braced for the start of the academic calendar, the focus on the uncertainties of returning to school during COVID-19 gave way to a different type of threat when a ransomware attack forced a Hartford, Connecticut school district to cancel the first day of classes. 

The ransomware attacked more than two-thirds of the school districts servers, impacting essential systems which made on-site student learning and district-provided busing impossible. Citing these two challenges, Hartford officials had no choice but to send out notices that the first day of school was being postponed for the nearly 18,000 students and 1,600 teachers. 

After further investigation, the city confirmed that the ransomware virus had entered their systems a few days prior to being discovered and investigators were confident that no personal, private or financial information was accessed or stolen in the attack. Upon learning about the attack, the city was quick to act, and administrators spent the weekend restoring and rebooting their systems, as well as inspecting all district hardware to confirm devices were safe for in-person and remote instruction.

The attack also impacted Hartford’s first responders, but the harm was described as more of an inconvenience to their back-end services and did not impact any operational capabilities that would prevent or delay emergency service response time. Hartford Mayor Luke Bronin stated the ransomware attack was the "most extensive and significant attack in the last five years in the city". As of this article no details have been released on the amount of ransom requested or if the attack was even targeting to delay the first day of school. The FBI and Hartford Police Department are still investigating the attack and classes resumed without incident the following day.

While the postponement was met with understandable frustration and disappointment from faculty, students and parents, the reality of the situation is that the damage could have been much worse if the city of Hartford did not take cybersecurity seriously. Bronin had seen the impact of ransomware attacks on other Connecticut communities in the past and worked with city officials over the prior year to invest approximately $500,000 in cybersecurity improvements, which he directly attributes to the successful response to the attack and for preventing any significant damages.

This is the second confirmed ransomware attack on a school district this fall, with the other being a 16 year-old student at South Miami Senior High School reportedly responsible for 12 cyberattacks on the Miami-Dade County Public School system in Florida.

With the focus on how students are returning to class, and an increase in virtual learning in the current pandemic world, this story is another reminder that organizations need to keep their guard up against cyber threats. We know firsthand that incidents like this can strike at any moment, and the importance of assessing security posture, investing in cybersecurity and planning for incidents can be the difference between missing one day of school or shutting down an entire municipality.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected]

In addition, our Incident Response Team is available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident. 

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2021 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
How To Scope a SOC 2 Audit
Do I Need a SOC 2 Type 1 Before a SOC 2 Type 2?
What Financial Institutions Need to Know About R-SAT
Why Do CPA Firms Perform SOC 2 Audits?
Fact or Fiction: SOC 2
Cybersecurity BY Gary Muggli
NIST Introduces NISTIR 8374 to Tackle Ransomware Risk Management
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us
Map of Pittsburgh Office

One PPG Place, Suite 1700
Pittsburgh, PA 15222

[email protected]
p:412.261.3644     f:412.261.4876

Map of Columbus Office

65 East State Street, Suite 2000
Columbus, OH 43215

[email protected]
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102

[email protected]

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.