New Haven Schools Put 2 IT Staff on Leave After Cyber Attack

(TNS) — Two New Haven Public Schools IT employees have been placed on paid leave as a result of "performance-related concerns" that arose as the school system was implementing corrective measures to improve IT security following a cyber attack last June, an official said.

Schools spokesman Justin Harmon identified the two employees as the director of information technology and the senior IT information specialist.

"They were put on leave due to performance-related concerns," Harmon said. "The action is not directly related to the cyber attack, but the concerns arose as we were implementing corrective measures to improve our IT security."

In the incident in June, hackers stole $5.9 million in city funds, of which city and federal officials expected to recover at least $4.7 million, officials said at the time.

The city, working with the Federal Bureau of Investigation, was able to quickly recover $3.6 million that had been transferred to just one bank account and was in the process of recovering an additional $1.187 million that had been transferred multiple times, Mayor Justin Elicker said at the time.

The U.S. attorney's office and the FBI seized and filed a civil asset forfeiture complaint against that additional $1.187 million that was traceable to the business email compromise attack, U.S. Attorney for the District of Connecticut Vanessa Roberts Avery and Robert Fuller, special agent in charge of the New Haven Division of the Federal Bureau of Investigation, said in a news release at the time.

Criminals "were able to compromise an email account associated with a member of management team of the City of New Haven's Board of Education," they said. "In June 2023, these actors created a fake email account that mimicked the email of a bus company that held a contract with the Board of Education for busing."

City officials have identified the bus company as First Student.

"The criminal actors used the compromised email address to send test emails between the compromised email address and the newly created fake bus company email address," the release said. "Using the fake bus company email address, the criminal actors then were able to change the bus company's payment information from the real bus company to an account held by the criminal actors."

Following the attack, New Haven hired two financial consultants: one to tighten city and New Haven Public Schools cybersecurity and a second to review and strengthen the city and school system's financial controls, Elicker said.

©2024 the New Haven Register (New Haven, Conn.). Distributed by Tribune Content Agency, LLC.