Tennessee College Hit with Ransomware

Read Time:1 Minute, 44 Second

Tennessee College Hit with Ransomware

A cyber-attack on a community college in Tennessee may have exposed the personal data of students, staff and faculty. 

Attackers struck Pellissippi State Community College (PSCC) with ransomware on December 5 2021. The digital assault shut down online network connections to all five of its campuses during finals week, disrupting online exams. 

All the college’s connected PC workstations and most of its servers, including the operating system and files, were encrypted. The attackers also changed the passwords of every user.

“What I can say is that this is not going to be a quick fix,” said Pellissippi State vice president for academic affairs, Kellie Toon, at the time of the attack.

“There have been other schools hit and just by all indications in can take months to rebuild it. We can rebuild it. We will rebuild it … but it’s going to take time. ” 

The attack left staff and some of the college’s 11,000 students unable to access email or the Microsoft communications platform Teams. 

The college launched an investigation into the cyber-attack to gauge its impact. On February 1, PSCC began informing an unspecified number of individuals that their sensitive information may have been compromised in the attack. 

A notice on the college’s website states: “Our investigation confirmed that the attacker had access to our Active Directory database, which includes first and last name; PSCC username; PSCC email address; office location and phone number; job title and department (if an employee); P number (a unique number assigned to each student and employee used only at PSCC and not used to sign documents); General user ID number (a long random string of numbers used only by PSCC in its Banner system); and PSCC account password (hashed).”

The college added that cyber-criminals may have also been able to access “other personal data in our system.”

PSCC said that the individuals whose data may have been accessed and acquired in the attack included former and current students, faculty, staff and participants in Tennessee Consortium for International Studies (TNCIS) programs.

Read More