Cyber Incident Victim: Southeastern Louisiana University
Date:
Feb 2023
Location:
United States of America
Summary
Southeastern Louisiana University encountered a significant network disruption affecting critical systems including email and Moodle, prompting extended outages and maintenance while investigations continued amid unconfirmed reports of ransomware involvement. The university did not verify whether student or faculty data was compromised but acknowledged potential unauthorized access, which could necessitate breach notifications if confirmed. Institutional operations were interrupted, though the full scope and root cause remained unclear at the time of reporting.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 25, 2023, Southeastern Louisiana University (SLU) publicly disclosed through a Facebook post that it was experiencing a significant network and system disruption affecting multiple critical computer-based systems. The university confirmed that platforms including Moodle—its learning management system—and institutional email services would likely remain inaccessible through the weekend as the disruption persisted. SLU characterized the incident as prompting ongoing system maintenance activities but provided no explicit details about its origin or technical nature. Initial operational impacts included widespread disruption to academic and administrative functions reliant on these systems, hindering communication and course management for approximately 14,000 students and 1,760 employees. External news reports shortly after the initial disclosure cited unnamed sources suggesting the incident involved a ransomware attack, though SLU neither confirmed nor denied these claims in any public statement or update at the time.
The university did not initially specify whether the disruption resulted in unauthorized access to or exfiltration of sensitive data, including student and faculty records maintained on affected systems. As of March 6, 2023, SLU had not published a formal Notice of Data Breach on its website nor confirmed the compromise of personally identifiable information. Public reporting frameworks highlighted SLU’s potential legal obligation under existing data breach notification laws to inform individuals if their protected data was actually exposed—contingent upon confirmation from a completed forensic investigation. The Facebook announcement remained the university’s sole direct communication channel regarding incident status updates beyond initial acknowledgment. No additional technical details about containment measures, threat actor behaviors, forensic findings, or data restoration timelines were disclosed by SLU within the first ten days following the network disruption. System restoration efforts and continued maintenance were framed by the institution as priorities necessary to resume normal operations.