ATHENS, Texas — Athens ISD Board of Trustees voted to pay a $50,000 ransom to recover school data following a criminal ransomware attack.
The ransomware encrypted data stored on the district's servers, including backups systems and hundreds of computers. Access to all data has been blocked, including teacher communications, student schedules, grades and assignments.
As a result, the first day of school will be delayed to Aug. 10. AISD Superintendent Dr. Janie Sims says she will notify parents no later than Thursday, Aug. 6, if the one-week delay will have to be pushed back another week.
“The first thing we want to do is ensure our staff and student families that, to the best of our knowledge, no personal data has been compromised,” Sims said. “Whoever is behind this attack has not taken the information; they have encrypted it so that we have no access unless we meet their ransom demand.”
AISD says the district does have cyber attack included in its insurance coverage, and a claim is being processed.
“We can’t afford to not pay it,” AISD Board President Alicea Elliott said. “It would take us months to rebuild all that data so that we could start school.”
“I want our families to know we will keep them informed,” Sims said. “This is a rapidly evolving and complex situation, and we are still working out the level to which we’ve been impacted and how best to respond.”
Members of the AISD Technology Department are working with teams from the Region 10 Educational Service Center and a division of the Center for Internet Security to resolve the situation.
“They have indicated [our IT department] could not have done more to mitigate this happening,” Sims said. “This has happened to at least 6 or 7 other districts in East Texas. We prepared as much as we could. There’s no way to be 100% safe.”
According to the cyber security research firm Emsisoft, the U.S. was hit by an unprecedented barrage of ransomware attacks in 2019 that impacted at least 966 government agencies, educational institutions and healthcare providers.