Vicksburg Warren School District investigating ‘security incident’ after becoming target of ransomware attack

District would not confirm or deny whether it paid the ransom -- using taxpayer money in the process
Updated: Jun. 14, 2021 at 10:24 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

VICKSBURG, Miss. (WLBT) - Weeks after high-profile hacks showed how vulnerable our pipelines and infrastructure could be, we’re now learning data on students and faculty could also be up for grabs after two Mississippi school districts became the target of ransomware attacks.

The Mississippi Department of Education confirms officials with the Vicksburg Warren School District and George County School District reached out to the agency to let state officials know about the ransomware attacks.

Vicksburg Warren School District spokesperson Christi Kilroy wouldn’t say whether or not the “Grief” ransomware group was behind the attack, instead calling it a “security incident” the district was investigating with the help of a cybersecurity expert and law enforcement.

A post by “Grief” -- obtained by Mississippi Today -- shows the group taking responsibility for the Vicksburg-Warren hack, saying they had 10 gigabytes of data from the school district’s servers, including internal documents and personal information.

“Our systems are securely online, and we are working to determine what information might have been affected,” Kilroy said in an emailed statement. “As always, the safety and security of our staff and students remain a priority for the District.”

State Auditor Shad White says these kinds of issues are precisely why his office makes sure state agencies are protecting themselves against cyber attacks.

“Every form of government is responsible for protecting themselves and when they don’t, or if they get caught in a situation where they’ve done as much as they can but they still get made a victim of hacking, they end up in a bad position, and oftentimes have to pay money back,” White said.

The district would not confirm or deny it paid a ransom to the group responsible for the hack to keep sensitive documents from being released.

White said in situations where hackers effectively hold organizations hostage with their own sensitive material, disclosing payment to the public is essential because that ransom payment is made up of taxpayer dollars.

“You should know how the government is using your money. It may be uncomfortable for an office to admit how much they pay, but I can tell you, if my office got ransomware, we would have to go to the Legislature, we would have to ask for an amount of money, it would be public, everybody would know it,” White said. “And that’s part of this process. Part of the process is making sure the public knows where exactly their money is going.”

Kilroy would not elaborate on what law enforcement agencies were investigating the attack and declined an on-camera interview.

Copyright 2021 WLBT. All rights reserved.