REDFORD, Mich. – South Redford School District canceled classes today due to a cyberattack that may have possibly leaked personal information about students, teachers and their families.
Three thousand one hundred forty-six students were impacted, but their families’ personal information may now be in the hands of criminal hackers.
The district told Local 4 that they are working with its cybersecurity team to resolve the issue. What is unknown is how severe this attack is because when hackers target a school district, everyone is a potential target.
Ilya Elkin, the owner of InNetwork Telecom, is focused on helping school districts and families protect themselves against cyber attackers using phishing emails mimicking superintendents or teachers. If one person clicks on a link, personal information can be exposed, sold, and identities could be stolen.
“People don’t care who they attack. I mean, they will come after as I said, teachers, they’ll come at their principal,” said Elkin. “But the worst is they’ll actually come out after these students.”
The very latest from the district is that their cybersecurity team is continuing to work on this attack.
Below is the latest message from the district.
“Our community was notified earlier today that the South Redford School District was the victim of a cyber-attack targeting the District’s networked systems. Out of an abundance of caution, schools were closed today as a proactive measure to limit access and exposure of our technology and networked systems. At this time, Cyber Forensic teams are advising the District to remain closed for tomorrow, September 21st, 2022. Student and staff data security continues to be a top priority for the South Redford School District. Cyber Forensics teams are diligently working to restore our systems to normal operations. We continue to work to bring impacted systems back online once the security of each system is confirmed by our Cyber Forensics teams. Again, we appreciate the patience and understanding of our community as we navigate this difficult situation. This is a time-intensive process and one that we continue to take seriously. We will continue to provide updates as additional details become available.”
South Redford School District, Sept. 20, 2022
Below, CISA Region 5 Regional Director Alex Joves recommends these steps to protect themselves against cyberattacks:
- Ensure that multifactor authentication is enabled for all accounts, whenever possible
- Ensure that critical data is regularly backed up and that backups are both separated from business systems and encrypted
- Update and patch all hardware and software
- Develop an incident response plan and conduct regular exercises to ensure the organization is ready to respond
Below is the message the South Redford School District sent out to parents and staff about the cyberattack.
“The South Redford School District was the victim of a cyber-attack targeting the District’s networked systems. Federal and local authorities were notified and as a precautionary action to ensure data security of the school district’s students, families, and personnel the decision was made to close school for today, September 20th, 2022. This action was taken in collaboration with our cyber security teams who support the District as a proactive measure to limit access and exposure to our technology and networked systems. Identification and resolution of such attacks take time and we are thankful for the patience of our school community while we work diligently to resolve the matter. At this time, we continue to actively work with our cyber security teams to resolve the cyberattack that was made against the South Redford School District. Our cyber forensic teams have been working non-stop to identify and isolate the cyber-attack. We anticipate receiving an update from the cyber security experts within the next several hours. We intend to notify all families and personnel about the status of reopening the schools for tomorrow as soon as feasible. Again, we appreciate the patience and understanding of our communities as we navigate this difficult situation. The data security of our students and staff remains a top priority.”
South Redford School District, Sept. 20, 2022