Getting your Trinity Audio player ready...
|
The Alabama State Department of Education (ALSDE) fell victim to a cyber attack last month, Superintendent Eric Mackey announced on Wednesday. While the attack was intercepted by state internet security workers, some student and teacher data was compromised.
At a news conference, Mackey detailed the department’s ongoing investigation to determine the extent of the data breach. “The department immediately began working with state and federal law enforcement, the Alabama Attorney General, the Alabama Office of Information Technology, and an independent contractor known for anti-hacking expertise to strengthen our cyber defenses and assess the compromised data,” Mackey stated. He added that the investigation is still ongoing.
Following the attack, services have been restored and additional cybersecurity protocols have been implemented. Mackey assured that notification will be made to the affected parties in compliance with applicable laws and best practices once the specific data compromised is identified.
The breached data potentially includes personally identifiable information such as names, addresses, and Social Security numbers, which could be used in identity theft schemes. Mackey advised all educators to monitor their credit as a precaution. He clarified that financial information like credit card numbers or bank routing numbers, which are not stored in the ALSDE system, was not part of the breach.
“Our security team successfully halted the attack before hackers could fully breach the department servers and re-encrypt the system for ransom,” Mackey explained. “All data have been restored using clean backups, and on the FBI’s advice, ALSDE will not pay any ransom for breached data.”
Due to legal counsel, Mackey could not share more details but directed individuals and the media to visit the department’s landing page at www.alabamaachieves.org/databreach or submit inquiries to databreach@alabamaachieves.com.
Mackey disclosed that the attack occurred on June 17 and was swiftly interrupted by the department’s staff. Although it was confirmed to be a denial-of-service attack aimed at encrypting and stealing data for ransom, the exact data taken is still being assessed. He also mentioned the possibility of foreign involvement but could not provide further details.
The ALSDE’s response team, including the Alabama Attorney General and the Alabama Office of Information Technology, is actively working to bolster cyber defenses and identify the compromised data.