Huntsville City Schools issues cyber attack update on Monday

Huntsville City School parents concerned over cyber attack
Huntsville City School parents concerned over cyber attack
Updated: Dec. 21, 2020 at 12:15 PM CST
Email This Link
Share on Pinterest
Share on LinkedIn

HUNTSVILLE, Ala. (WAFF) - Huntsville City Schools will hold a media briefing this afternoon regarding a cyber attack that happened at the beginning of December.

The briefing will be held at the Annie Merts Center at 1:30 p.m.

Prior to the media briefing, Huntsville City Schools released new details about November’s ransomware attack.

On or around November 29, 2020, the District experienced a ransomware attack. Ransomware is a malicious software (called “malware”) that denies access to computer devices or files until a ransom is paid. To date, the District has not contacted the attacker or paid any ransom.

The following non-public, personally identifiable information may have been accessed as part of the ransomware incident:

State Student Identification Number (SSID) – For students enrolled during the following calendar years:

  • 2013
  • 2016
  • 2020

Email addresses for Parents

  • Linked to SSIDs of students enrolled during calendar year 2020

Social Security Numbers

  • Employees who worked for the District from 2010-2020
  • Contractors who performed services for the District from 2010-2020
  • Students who participated in a club called “Fantastic Four” during calendar year 2008

Immediately upon learning of the attack, the District’s IT Team took steps to stop the spread of the ransomware. Additionally, the District’s administration engaged outside cybersecurity experts and law enforcement officials to secure the District’s network. The District continues to work with outside cybersecurity experts to do the following:

  • Recover backup files to work around the disruption caused by the ransomware attack;
  • Install and implement additional cybersecurity software designed to harden the District’s network against future attacks;
  • Issue new devices to faculty and staff;
  • Reimage impacted student devices;
  • Implement improved encryption processes which will better protect files, including those with personally identifiable information, on the District’s local servers; and
  • Train faculty, staff, administrators, and students on cybersecurity awareness.

If you believe you may be one of the individuals impacted by the cybersecurity incident, please remain vigilant, watching for instances of fraud or identity theft over the next 12 to 24 months by reviewing your account statements and monitoring your credit reports. You may obtain a free copy of your credit report once every 12 months from each of the three nationwide credit reporting agencies. To order your free annual credit report, please visit or call 1-877-322-8228.

See the full notice issued by HCS here.

Copyright 2020 WAFF. All rights reserved.