Huntsville City Schools says third party systems holding student data were not compromised in ransomware attack


HUNTSVILLE, Ala. – The investigation into a possible ransomware attack on the Huntsville City School district is ongoing, and the system released that the systems primarily responsible for holding student data were not compromised.

“Those primary systems that do house student information, iNow and PowerSchool, do not appear to be compromised as part of the cybersecurity threat,” said Craig Williams, Chief Communications Officer for HCS.

They also say there appears to be no evidence that Chromebooks were impacted, the devices used by K-8th grade. There are still questions about Windows devices.

“Students in grades 9-12, as well as our teachers, they’re the ones who use those Windows devices,” said Williams. “I want to be very intentional about not necessarily, definitively saying at this point those devices are compromised at the high school level. We do want to re-examine them, we do want to bring them in for further inspection to see kind of what that looks like first-hand.”

The district will be collecting all high school student devices and replacing all teachers devices. Williams says the new devices are already owned by HCS and are in storage.

There is no timeline on when the new devices will be issued to teachers, when high school students will be re-issued Windows devices, or when all other students will be able to use the Chromebooks again.

“When we will return to normal operations… I don’t really want to speculate on that, standing where we are today,” said Williams. “But I can say that we will continue using paper, pencil until we are able to turn back to those traditional technology methods.”

Read the full letter from Superintendent Christie Finley to parents below:

Dear HCS Families, 

I am writing to provide you with an important update related to the district’s ongoing cybersecurity situation based on where we are with our process. 

Our IT Team, in conjunction with our outside cybersecurity experts, has confirmed the third-party systems hosting student information were not compromised as part of this threat. These systems include iNow and PowerSchool. 

Additionally, there is no evidence at this time to suggest that Chromebooks used by students in grades K-8 were impacted. 

Our main area of focus is for Windows devices, which are used by high school students and teachers. As a precautionary measure, we are making plans to collect all high school student devices and replace all teacher devices. We will be working to re-issue high school student devices as quickly as possible. These plans will be communicated by each school. 

While we are very pleased to share this update today, we remind our families that both our internal and external cybersecurity experts are working tirelessly to remedy the issue. I remind everyone that while we have made progress since last Monday when we first learned of the threat, this process is a marathon rather than a sprint and often takes months to complete to fidelity. 

We thank you for your continued support, and I will continue to keep you informed of any updates. 

Very respectfully, 

Christie Finley

HCS Superintendent 

Trending Stories

Latest News

More News