IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Over 26,000 Impacted by Ransomware at Texas School District

State and federal authorities are still investigating a cybersecurity incident at Judson Independent School District that took down phones and email, and may have put student information and staff bank accounts at risk.

ransomware-2320793_1280
(TNS) — Judson Independent School District's computer and communication systems remained paralyzed Thursday as staffers scramble to understand the extent of a ransomware attack detected a week earlier.

District officials weren't disclosing what information the cyberattack compromised but acknowledged that Judson computers, telephones and e-mail services were still down. A district spokesperson Thursday confirmed the outages were the result of a ransomware attack.

Ransomware is a type of software that encrypts files and systems, rendering them unusable to the owner. The data hijackers then request a ransom, usually in cryptocurrency, in exchange for releasing the files and systems.

The Northeast Side school district, which employs 3,270 people and serves nearly 22,900 students across 30 campuses, now is using Google's commercial e-mail service, personal phones and cellular hotspots to communicate.

"Right now, we're still in the investigative process, and still trying to determine this scope and the nature of the attack," said Nicole Taguinod, a district spokeswoman. "I can tell you that it does impact us pretty greatly just because we're all very dependent on emails and our phones."

The district canceled summer school classes for about 700 high school students last Friday, according to Taguinod, but they resumed Monday.

"We've secured hotspots and collected those to be able to get our students online for summer school," she said. "We also are using that kind of technology to be able to work within our offices and such."

Judson is working with local, state and federal authorities, Taguinod said. The Federal Bureau of Investigation did not respond to a request for comment. The Texas Department of Information Resources, an agency responsible for protecting state technology infrastructure, is supporting the investigation.

"The Texas Department of Information Resources takes our role in assisting other government organizations with their cybersecurity incidents very seriously, and we strive to protect the information entrusted to us by those organizations who have been impacted," said Brittney Booth Paylor, an agency spokesperson.

The district Police Department's public phone line and e-mail remain down since they're on the district's servers.

Taguinod couldn't say whether the district or authorities have been in contact with the hackers or if they've requested a ransom to release the computer systems.

"Nothing is more important to us than the safety and security of our community, staff, students and our families, and that includes protecting their personal information, their personal data," she said. "We are committed to the recovery of this, and we will continue to communicate as much as we can when we can to keep them in the loop."

She said the district is communicating with families via a mass communication system with text messages as well as social media. Despite the outage, the district's public website remains operational, and it has a page dedicated to the attack.

Dozens have commented on JISD's Facebook page about the hack.

"Student info is in the system, so is the parent's info, including socials and bank account info if you have a lunch program," commented Anna Ramirez. "Also staff bank account and payroll info is at risk."

Some parents expressed concerns about the validity of school emails since the district disclosed the attack.

"We have set up phone numbers in order to address inquiries regarding our summer school programs, in addition to transportation," Taguinod said in an e-mail. "In addition, a district call center to assist with other inquiries is being established and will be live on Monday, June 28."

The JISD website asks staff, students and families to "not access any other district information technology systems."

The district had a regularly scheduled school board meeting June 24. The agenda did not mention the ransomware attack, but Taguinod said the board would discuss it in a closed executive session at the end of the meeting.

People with information about the attack are asked to email JISD.communications@gmail.com.

©2021 the San Antonio Express-News. Distributed by Tribune Content Agency, LLC.