Tennessee College Hit with Ransomware
A cyber-attack on a community college in Tennessee may have exposed the personal data of students, staff and faculty.
Attackers struck Pellissippi State Community College (PSCC) with ransomware on December 5 2021. The digital assault shut down online network connections to all five of its campuses during finals week, disrupting online exams.
All the college’s connected PC workstations and most of its servers, including the operating system and files, were encrypted. The attackers also changed the passwords of every user.
“What I can say is that this is not going to be a quick fix,” said Pellissippi State vice president for academic affairs, Kellie Toon, at the time of the attack.
“There have been other schools hit and just by all indications in can take months to rebuild it. We can rebuild it. We will rebuild it … but it’s going to take time. ”
The attack left staff and some of the college’s 11,000 students unable to access email or the Microsoft communications platform Teams.
The college launched an investigation into the cyber-attack to gauge its impact. On February 1, PSCC began informing an unspecified number of individuals that their sensitive information may have been compromised in the attack.
A notice on the college’s website states: “Our investigation confirmed that the attacker had access to our Active Directory database, which includes first and last name; PSCC username; PSCC email address; office location and phone number; job title and department (if an employee); P number (a unique number assigned to each student and employee used only at PSCC and not used to sign documents); General user ID number (a long random string of numbers used only by PSCC in its Banner system); and PSCC account password (hashed).”
The college added that cyber-criminals may have also been able to access “other personal data in our system.”
PSCC said that the individuals whose data may have been accessed and acquired in the attack included former and current students, faculty, staff and participants in Tennessee Consortium for International Studies (TNCIS) programs.
More Stories
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google...
Friday Squid Blogging: Sunscreen from Squid Pigments
They’re better for the environment. Blog moderation policy. Read More
Compromising the Secure Boot Process
This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than...
Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain
Synnovis has rebuilt “substantial parts” of its systems following the Qilin ransomware attack on June 3, enabling the restoration of...
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
CrowdStrike has acknowledged the claims by the USDoD hacktivist group, which has provided a link to download the alleged threat...
CrowdStrike Falcon Outage Exploited for Social Engineering
Cyber threat actors are exploiting the CrowdStrike Falcon outage to conduct social engineering attacks. Here's what the CIS CTI team...