RPS personal employee information involved in recent cybersecurity incident

[anvplayer video=”5175440″ station=”998128″]

(ABC 6 News) – In a letter to Rochester Public School (RPS) families sent on Thursday, school officials say they have determined personal information belonging to some RPS employees was involved in a recent cybersecurity incident.

RPS said the personal information does include a small number of students who are or were employed by the district, however at this time there is no evidence that personal information of any students who do not work for RPS was affected.

RPS said there is also no evidence that the affected personal information has been used for identity theft or financial fraud.

RPS said they mailed notification letters to the affected individuals on Thursday.

RPS confirms the cybersecurity incident was a ransomware event and have alerted the FBI. RPS said they did not pay a ransom and could not disclose the ransomware until now as to “protect the integrity of our investigation.”

Technology and cybersecurity teams continue to work to bring RPS back to full operational capacity as soon and securely as possible, the district said.

Cybersecurity expert and CEO of CyberCatch Sai Huda says hackers do this for financial gain, and they’ll likely still leak your information, even if you pay the ransom.

“If they don’t get paid, they could still sell the data on the dark web for money,” Huda explained.

Huda explains schools are a target for ransomware attacks because they have a lot of personal data, and they’re known for not keeping up with cyber safety.

“The bad guys know that they have data about students, they have data about parents, about faculty, staff. And the defense is weak. So that’s why they’re targeting these schools, and unfortunately schools need to be more proactive and realize they have a lot of data the bad guys are after it,” he said.

On April 6, RPS said they discovered “irregular activity” on its network saying its technology staff responded immediately shutting down district-wide internet in order to review and address the issue. RPS was on spring break at the time, but decided to cancel classes on Monday, April 10 when students were scheduled to return.

RELATED: RPS investigating “irregular activity” spotted on its network

RPS has slowly integrated more technology into their classrooms each day following the cyber incident. However, due to the technology challenges, RPS said it would not be able to conduct Minnesota Comprehensive Assessment (MCA) testing in May.

RELATED: RPS will not administer MCA tests due to technology challenges

RPS said they will continue to share updates as the remediation process and forensic investigation move forward.