School website provider Finalsite says no data theft in ransomware incident
Written by Benjamin Freed
A spokesperson for Finalsite, a company that provides web hosting services for K-12 schools and some colleges, said Monday that it was largely recovered from a ransomware incident detected last week that l prompted thousands of school client websites to be taken offline.
Spokeswoman Morgan Delack also said there was no evidence the data on the thousands of sites he disabled during the attack was taken by malicious actors, although She said the company only manages information that is already publicly available, such as school calendars and staff directories.
“We don’t store credit card numbers, academic records, social security numbers,” she said.
Delack also told reporters during a virtual press conference that the website outages experienced by the company’s customers – including 3,000 public schools in the United States – happened because Finalsite “took everything out online proactively” after detecting the network intrusion last Tuesday.
Each school, she said, has had its website restored, as the company has “rebuilt [operations] in a clean environment.
Delack said Finalsite was advised by its outside attorneys and a consulting firm, Charles River Associates. She said the company had identified the type of ransomware behind the incident, but declined to name it and said she could not provide further details on security and assessment practices. risks of Finalsite. She also did not say whether the attack was being investigated by state or federal law enforcement.
She said that while the thousands of school websites that Finalsite operates are up and running again, some haven’t had all of their content restored, as the company rebuilds its file download manager. Delack said the process involves moving “terabytes of information” and said the company “stays away from a concrete timeline.”
Cybersecurity incidents involving K-12 schools continue to be a pressing concern for state IT agencies, although industry experts believe that a large majority of attacks come from vendors. The K-12 Cybersecurity Resource Center and K12 Security Information Exchange estimated last year that more than three-quarters of data breaches in schools were tied to a technology vendor.