The attack was discovered Monday morning by an antivirus program that the district had installed. Minersville officials received an alert, took the entire computer system offline, and contacted their insurance company, whose cybersecurity team has been advising the district.
The district canceled classes for Tuesday, Wednesday, and Thursday but has not yet made a decision regarding Friday, said Superintendent Michael Maley.
The district sent a message telling parents that it needed to determine the extent of the attack and how it occurred before bringing its system back online and reopening its buildings.
“We need to understand what happened before we reopen,” Maley said when contacted Wednesday to further explain the situation.
Ransomware is a type of computer virus that locks files without permission. A person that has the digital key to unlock the files then asks for money in exchange for the digital key.
The Minersville attackers had not yet demanded money before the virus was found, Maley said.
The district’s staff and forensic investigators worked quickly to isolate the virus and protect most of the district’s information, though there is some data still locked that the district is not yet able to access.
This is the first time that Minersville suffered a ransomware attack, but as unfortunate as it is, it did not come as a surprise, he said.
Any entity that has a large amount of data stored, including businesses, government offices, hospitals and schools, are vulnerable to such attacks, he said.
“It’s not a matter of if this will happen, but when,” he said.
While investigators are still determining how the virus entered Minersville’s system, it does not appear that the problem was initiated due to an employee error such as opening an infected website or message, he said.
Schools were closed not only because instruction would have been affected by the loss of technology, but because the district’s computer system and the Internet are also crucial to running security and communications in the buildings, he said.
“Keeping students and staff safe is paramount,” he said.
Conducting a thorough analysis of what happened takes time, he said, and putting the computer system back online prematurely could make the virus more of a threat.
Minersville Police and the Schuylkill County District Attorney’s office have both been notified that the cybercrime occurred, he said.
The district’s hope is those who launched the attack can be identified and reported to law enforcement, he said.
Maley said he could not release further details about where it is suspected the virus was launched from, other than saying that it did not appear to be a local source.
The school closures are only affecting students who attend the junior-senior high school, elementary center and Llewellyn Early Childhood Center. All other students were to report to their schools, and transportation for the Schuylkill Technology Center, the Intermediate Unit and alternative schools was still to be provided at the normally scheduled times.
The district will soon determine when the lost instructional days will be made up, Maley said.
After school activities were held as normal on Tuesday and Wednesday.
© 2025 the Republican & Herald (Pottsville, Pa.). Distributed by Tribune Content Agency, LLC.
