Williamsburg/James City County schools are working to recover from a cyber-hacking incident that disrupted the system this week, officials said.

“Working alongside some of the nation’s leading cybersecurity professionals, we are collaborating with local and federal law enforcement to determine the full scope and source of the incident,” said Acting Superintendent Daniel Keever. “These investigations typically happen over several weeks but understanding how this happened and restoring all operations are priorities.”

The attack was discovered last weekend and prevented students from virtual classes when winter weather closed schools on Tuesday.

Between 2016 and 2022, schools teaching kindergarten through high school reported 1,619 cyber incidents, according to a report by K12 Security Information Exchange. The nonprofit organization, which helps protect schools from cybersecurity attacks, added 10-20 times as many incidents may go unreported each year.

In an email to parents Keever assured them that “this incident has not impacted our facilities’ physical security, including our alarm and phone systems.”

A school spokeswoman did not respond to questions about whether any data breaches occurred that might compromise sensitive student or staff data, or whether ransomware – where hackers demand payment to reverse their damage – was involved.

Last month hackers breached the Student Information System at Power School, which helps schools keep track of millions of K-12 students and collects a range of personal data depending on the school system. The WJCC schools spokeswoman did not respond to a question about whether the school system uses that product.

Comparitech, a consumer cybersecurity site, reported 2023 saw a record-breaking number of 121 ransomware attacks on schools and colleges that cost these institutions an average of $500,000 a day in downtime.

Educational facilities are at bigger risk of cyber attacks because their security protocols are often not as robust as those at banks or other institutions that handle sensitive data, experts say.

“We have communicated with our families and faculty daily since the incident and are committed to keeping them informed as we learn more,” Keever said.

Share

W&M Law School Mistakenly Sends Acceptance emails to 410 applicants

It hasn’t been a great time, technology-wise, for William & Mary Law School either.

Due to what a school official called “a technical error in our system”, 410 applicants received an incorrect notice via email about their admission status.

They included students who had been admitted, those who were waitlisted, those who had withdrawn or were under review, and a small number who had been denied admission, said Issa DiSciullo, associate dean for admissions and financial aid at the law school.

A school spokeswoman said no hacking was involved in the incident.

“We have contacted the applicants impacted personally apologizing for any confusion or distress this may have caused,” DiSciullo said. “We recognize the emotional impact of such an error, and we are taking immediate steps to prevent it from happening again.

“Our team is actively reviewing our processes to strengthen safeguards and ensure greater accuracy in our communications,” he added. “Applicants who received an incorrect letter have been contacted directly with clarification.”

Di Sciullo said that when they received the update, “applicants responded with gratitude and understanding, with many still considering William & Mary Law School as their top choice,” Di Sciullo said.

Headlines Around Virginia

UVA to resume transgender care, VCU waiting to respond (requires subscription)

Virginia Beach will close budget deficit without raising taxes

School funding showdown looms as legislature sends sales tax bill to Youngkin again