Cyber Incident Victim: Riverhead

Date:

Dec 2021

Location:

United States of America

Summary

A school district in New York experienced a ransomware attack that disrupted its computer and technology infrastructure, causing an internet and email outage while phone systems remained functional. Officials anticipated the disruption could last several days as they worked to restore services. The incident compromised personal data of approximately 22,050 current and former students and employees, as later reported to authorities.

CIA Posture: Available to members
Motives: 1 motive
Tactics, Techniques & Procedures: 1 technique

Threat Actors: 0 actors
Type: Available to members
Location: Available to members

Description

On December 3, 2021, the Riverhead Central School District in New York experienced a ransomware attack that disrupted its technology infrastructure. The district first acknowledged technical issues at 8:48 a.m. through social media, initially describing the situation as an internet and email outage while confirming phone lines remained operational. Officials later identified the incident as a ransomware attack that forced the complete shutdown of computer systems, estimating recovery could take several days. The attack paralyzed primary communication channels, prompting the district to direct parents to contact schools via telephone instead of email. A notice posted on the district's website reiterated this guidance while offering no specific timeline for restoration of services.

The incident's full scope became clearer months later when a March 2022 filing with the Maine Attorney General's Office revealed the breach affected 22,050 individuals, including current and former students and employees. The ransomware attack caused extended operational disruptions to critical systems, though the district did not disclose whether data was exfiltrated or encrypted. No ransomware group claimed public responsibility for the incident based on available information. District administrators maintained communication through basic channels like phone calls and website updates while working to restore systems. The attack highlighted vulnerabilities in educational infrastructure, though specific technical details about intrusion methods or ransom demands remained undisclosed in public reporting. Recovery efforts focused on rebuilding compromised systems without confirming whether the district engaged with threat actors.
