Cyber Incident Victim: River Parishes Community College
Date:
Mar 2023
Location:
United States of America
Summary
A Louisiana community college was among five higher education institutions that proactively shut down network systems following the discovery of cybersecurity compromise indicators. The response involved disabling campus internet, Wi-Fi, email, and learning management platforms to implement security enhancements while collaborating with state law enforcement and emergency preparedness agencies. Restoration efforts included rebuilding network components and deploying advanced security tools, with some institutions transitioning temporarily to remote operations. While core student information systems remained unaffected due to off-site hosting, investigations continued to determine potential data exposure, with promises of breach notifications if warranted. Services were incrementally restored across several days, though certain applications remained disrupted during recovery.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In March 2023, Louisiana State Police Cyber Crime Unit identified potential indicators of compromise within the networks of multiple educational institutions, leading five colleges and universities—including River Parishes Community College (RPCC), University of New Orleans (UNO), LSU Agricultural Center, Nunez Community College, and Southern University at Shreveport—to proactively shut down their campus internet systems on March 24. The coordinated response was initiated after state law enforcement discovered evidence suggesting unauthorized network access, though specific technical details about the intrusion vectors or threat actors were not disclosed. RPCC Chancellor Quintin Taylor described the action as addressing an immediate cyber risk identified during a comprehensive network review. All affected institutions collaborated with the Governor’s Office of Homeland Security and Emergency Preparedness and Louisiana State Police to implement restorative measures, which included removing threat actor capabilities, operationalizing enhanced security tools, and rebuilding compromised network components.
The network shutdowns disrupted campus Wi-Fi, email, learning management systems (such as Moodle), and enterprise platforms (including Workday and PeopleSoft), forcing operational adjustments across campuses. RPCC took its network offline on March 24 afternoon but later restored services after fortifying its infrastructure, noting that off-site student information systems remained unaffected. UNO and Southern University at Shreveport partially restored email, Zoom, and limited Wi-Fi by March 27, though services like guest Wi-Fi remained offline. Nunez Community College shifted to remote operations on March 27, while Southern University at Shreveport held all classes virtually indefinitely. Investigators worked to determine whether data exfiltration occurred, with UNO pledging to notify affected individuals if personal information was compromised. Although no institution confirmed ransomware involvement, the incident followed a pattern of attacks targeting Louisiana schools, including a February breach at Xavier University and a March attack at Southeastern Louisiana University. By March 27, most institutions had resumed partial operations, with ongoing forensic reviews and security enhancements under law enforcement supervision.