Iowa School Cyberattack Results in Several Days of School Closures

A cyberattack on the Des Moines Public Schools (DMPS) in Iowa has left parents and students scrambling to stay updated on the latest news. The DMPS canceled classes and activities for two days due to a security breach in their network as technicians scrambled to protect data and restore the computer system. The school announced that classes would be canceled for its 33,000 students and that they were working with local law enforcement to investigate the attack.

District officials said they had made massive progress in restoring systems, including regaining access to the student information portal and making sure phones are operational. In the meantime, students are asked to stay away from the school’s systems and use their own devices instead.

When did Des Moines Public Schools find the cybersecurity attack?
The district’s IT staff was first alerted to an issue Monday morning. Following this incident, Iowa’s Des Moines Public Schools system canceled classes and activities for two days due to what officials said was a “cybersecurity incident.”

During a Tuesday news conference, the Des Moines school district’s interim superintendent, Matt Smith, said that the investigation was still ongoing regarding how and why the cyberattack happened. He said that everything from school bus routes, student records, and lunch menus to staff duties is controlled through the computer system.

The district said that an individual or group had infiltrated the system and gained access to sensitive data, though they did not specify what information was compromised. The IT staff shut down the district’s servers to protect data and prevent further damage.
With Tuesday and Wednesday classes canceled, Smith said students would have to make up the missed days. The district announced that the school would reopen Thursday.
According to Smith, officials believe the payroll system is intact, and nearly 5,000 of the district’s teachers and staff can be paid.

Was It a ransomware attack?
While the investigation is ongoing, top officials with Des Moines Public Schools are operating as if it’s a ransomware attack. There is no evidence yet to confirm this, but sources close to the investigation tell reporters that they believe it is a ransomware attack. “It was a cybersecurity problem that we can not confirm yet until we run all of our diagnostics and confirm that, in fact, it’s a ransomware attack,” said Smith. “What I can tell you is that we’re treating this incident as a ransomware attack just to be sure.”
The incident has heightened awareness among Iowa school districts about the importance of cybersecurity since many of the state’s schools rely on technology to teach and manage student data.