Dorchester District 2 data center attacked; no information accessed or compromised

Dorchester District 2 data center attacked; no information accessed or compromised

DORCHESTER COUNTY, SC (WCSC) - Officials say the Dorchester District 2 data center was attacked by a ransomware virus this past summer.

According to officials, the virus disabled the district's operating system and database on 25 of 65 technology servers.

"Data on these 25 servers was encrypted rendering it inaccessible," DD2 officials said.

A report states an investigation determined that this was a ransom request, and there was no identity theft involved and no student or staff information had been accessed or compromised.

"District leaders contacted the State Department of Education Chief Security Officer, SLED, other law enforcement agencies, and legal counsel for assistance in investigating the depth of the situation," DD2 officials said.

DD2 officials said as part of the investigation, the school board approved contracting with a technology solution company to conduct a full security assessment of the district's network.

"The company has just completed a detailed analysis to identify weaknesses in the system and will be making recommendations for steps to safeguard against future occurrences that will be presented to district staff and the school board in mid- September," DD2 officials said. "Since this discovery was made, the school district has worked tirelessly and exhausted every available resource to determine how this situation occurred, to retrieve the data, and to build additional security measures into the system to help safeguard against such incidents in the future."

District officials say in the ongoing investigation, the following determinations have been made:

  • There was no evidence found by any of the investigating agencies and companies that any student or staff information had been compromised or accessed by anyone
  • Several school districts in the state have experienced a similar corruption of servers along with many national companies and organizations
  • A second technology company was engaged to assist with negotiations for release of the encrypted data and a ransom of $2,900.00 funded through our insurance coverage was paid to decrypt these files. This resulted in data on 24 of the 25 servers being successfully retrieved and restored, but the data on one server was corrupted rendering it inaccessible by us or anyone else
  • Data on this one corrupted server is being re-entered by district and school staff members using hard copy files
  • 2016 – 2017 hard copy data of 32 students out of over 26,000 was not available and is currently being redeveloped through the joint efforts of parents, teachers, and staff. (Please note: these families have been personally contacted.)

"This occurrence has provided the opportunity for a thorough analysis of the constantly changing security requirements of network systems," DD2 officails said."Again, the school district wants to assure you that this situation involved a ransom request, and at no time was there any identity theft of student or staff information. We appreciate the support of our parents and staff as we work to provide our students the best possible learning environment and to ensure all student and staff information is secure."

Copyright 2017 WCSC. All rights reserved.