The documents accessed in the breach contained information about some students, staff and faculty, such as names and some Social Security, passport, driver's license and financial account numbers, as well as dates of birth and COVID-19 test result attestations, according to a Friday news release from the community college.
As of Friday, officials had no indication that any of the personal information has been misused, according to the news release.
The community college experienced a ransomware attack that affected its computer systems March 20, and officials promptly began trying to secure the network, the news release said.
An investigation into the incident found that an unauthorized user was able to access data between Feb. 27 and March 20, officials said.
The investigation remains open. College officials are working with law enforcement and what they described as "industry-leading third-party cybersecurity experts" to recover from the attack, said Cat Chiappa, a spokesperson with the college.
Officials said they are taking steps to enhance the college's network security through multiple layers of protective measures and enhanced staff training on handling sensitive data.
College officials advise students, staff and faculty to watch out for suspicious or unauthorized activity in their accounts, to review credit reports and financial account statements, and to notify their financial institutions of fraudulent activity.
The college will offer complimentary memberships to a credit monitoring service to those whose information was accessed, the news release said.
The ransomware attack forced most students to transition to remote work for a week while local and federal investigators looked into the incident. Wi-Fi connections on campus were also down, prompting college officials to purchase mobile hot spots — though there were not enough for all students.
Campus Wi-Fi is still not working, but it will be restored soon, Chiappa said.
She said the spring quarter is in full swing with students in their chosen classes, and the college's website is up and running.
This incident marked the second time this year that suspicious activities on a computer network disrupted an education institution in the Puget Sound area.
Three federal agencies issued a collective advisory in the fall warning that ransomware attackers were disproportionately targeting the education sector.
©2023 The Seattle Times. Distributed by Tribune Content Agency, LLC.
