Post Detail

FOLLOW-UP: ‘They’re attractive targets’: Cybersecurity attacks on schools are becoming more frequent and severe

Highline Public Schools, a 17,500-student district south of Seattle, canceled classes for Monday due to a cyberattack.

In an announcement posted Sunday, the district said it had “detected unauthorized activity on our technology systems and have taken immediate action to isolate critical systems. We are working closely with third-party, state and federal partners to safely restore and test our systems.”

The closure impacts all school activities, athletics and meetings for the district.

Highline Public Schools only started classes on Wednesday, and the first day of kindergarten was scheduled for Monday. They will determine by 2 p.m. if the closure will continue into Tuesday.

School districts are an appealing target “due to the extensive amounts of personal and financial data they maintain about our kids, teachers, school staff and records on the schools themselves,” states the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) website.

On average, there is more than one attack on K-12 schools per school day, according to CISA. While managing large amounts of sensitive information, districts typically lack the funds to install robust cybersecurity programs.

By Sunday afternoon, district specialists had not detected thefts of staff or families’ personal information, district spokesperson Tove Tupper told the Seattle Times. The loss of computer access due to the attack disables communications systems, the ability to dispatch buses and other transportation, and updates to attendance records, Tupper also said.

Depending on the nature of the cybersecurity attack, the crime can have significant, long-term impacts.

In 2023, hackers attacked Minneapolis Public Schools, ultimately releasing data online that included Social Security numbers, details about school security, special education records, and health information including sexual assaults, NPR reported.

The Los Angeles United School District was attacked two years ago, and this summer the district was investigating reports that information on teachers and students stolen in the security breach was posted for sale on the dark web.

Other essential institutions such as public ports, health providers and libraries are likewise vulnerable.

The Port of Seattle and Seattle-Tacoma International Airport faced a cyberattack late last month that disabled in-airport WiFi and disrupted baggage services. Many TV screens showing flight info and security line wait times were blacked out. Security and screening operations were uninterrupted and a handful of flights were canceled. Most airport functions had returned to normal by last week.

In May, the 27-branch Seattle Public Library system was hit by a ransomware attack that partially crippled the institution. It took three months until the libraries were able to get all of their tech-enabled systems and services up and running again.

Last November, hackers targeted Seattle’s Fred Hutchinson Cancer Center in a ransomware attack that upset operations and resulted in leaked patient information and emailed threats against patients.

In August 2023, CISA and the U.S. Department of Education released a report called K-12 Digital Infrastructure Brief: Defensible and Resilient that addressed online security and privacy in the schools.

West Seattle Blog first posted news of the Highline Public Schools closure on Sunday afternoon.

The district spans the cities of Burien, Des Moines, Normandy Park, SeaTac and White Center.