Thousands of school websites go down after ransomware attack on software vendor’s Finalsite
Thousands of K-12 schools and universities found their websites inaccessible this week after their website software provider Finalsite was hit by a ransomware attack on Tuesday and was still working to restore full functionality on Friday. afternoon.
The company said in a statement on its website that it had had full access to its files and data throughout the incident and that a forensic investigation was underway. “We have no evidence that our data or our customers’ data was taken,” the statement read. Finalsite also noted that the information in its database of client schools is limited to names and email addresses, and that the company does not store payment information, school records, social security or social security numbers. other personal information.
A spokeswoman told TechCrunch Thursday night that 5,000 of its total 8,000 global customers were affected by the incident.
Finalsite, with offices in Connecticut and the UK, provides website, marketing and communications platforms for schools and universities in 108 countries. It is a holding company of Bridge Growth Partners LLC.
Initially on Tuesday, Finalsite posted on its status page for customers that it was “investigating an issue causing increased error rates and performance issues,” and it posted updates to the ” failure continues “several times a day without mentioning the cause of the problem. breakdown – until Thursday noon.
At 12:04 p.m. Thursday, Finalsite acknowledged in a status update that the ransomware was the cause and said it was detected on Tuesday.
âWe are incredibly sorry for this prolonged outage and are fully aware of the stress it is causing your organizations. While we made progress overnight to get all websites up and running, the full restore took us longer than expected, âthe status update said. âThe Finalsite security team monitors our network systems 24/7. On Tuesday, January 4, our team identified the presence of ransomware on some systems in our environment. We took immediate action to secure our systems and contain activity. We quickly launched an investigation into the event with the help of third-party forensic specialists and began to proactively take some systems offline.
âSince the incident, our security, infrastructure and engineering teams have worked tirelessly to restore backup systems and restore our network to peak performance in a safe and secure manner. Third party forensic specialists help us bring things back slowly and carefully to ensure the environment is safe and stable. “
Starting at 2 p.m. on Friday afternoon, the company said, âWe are continuing to work to restore administrator access as quickly as possible, and many other sites can now connect. We continue to restore style, calendar events, and directory components. and will keep you posted on our progress along the way.
Cyber ââsecurity experts and even the US Department of Education have warned in recent months of a marked increase in cyber attacks on schools and universities, and the K-12 Cyber ââSecurity Act of 2021, enacted in October, orders the Cybersecurity and Infrastructure Security Agency to identify risks and provide resources to schools to better protect their computer security.
Kristal Kuykendall is editor-in-chief of 1105 Media Education Group. She can be reached at [emailÂ protected].