Cyber Incident Victim: Somerset Hills School District
Date: Sep 2020
Location: United States of America
Summary
A ransomware attack encrypted a limited portion of the Somerset Hills School District's network, forcing an immediate shutdown of in-person classes and requiring all students to transition to virtual learning while forensic experts worked to restore operations. The district confirmed no evidence of data exfiltration or misuse by the threat actor, though network repairs extended virtual instruction for several days as containment and restoration efforts continued.
Description
The Somerset Hills School District experienced a ransomware attack that disrupted its operations shortly after the start of the 2020-2021 academic year. On Tuesday, September 8, 2020, following just one day of in-person classes, the district abruptly closed Bernardsville Middle School and Bedwell Elementary School due to an "unexpected network disruption." Superintendent Gretchen Dempsey announced the network would remain offline for 48 hours, forcing affected students into virtual learning through Thursday, September 10. By September 10, forensic investigation revealed the disruption was caused by ransomware deployed after Friday, September 3, which encrypted a limited portion of the district's network infrastructure. The attack prevented normal access to systems critical for school operations, though district officials did not disclose specific affected applications or devices.

The district engaged industry-leading forensic experts to contain the incident and restore network functionality safely. Superintendent Dempsey stated there was no evidence of data exfiltration or misuse of information by the threat actor, though the ransom demand amount remained undisclosed. Recovery efforts extended virtual learning for all district students through Monday, September 14, with officials expressing hope for restored network operations by that date. Concurrently, the district faced growing COVID-19 cases within the school community, though this health crisis remained operationally separate from the cyber incident. District leadership coordinated with Bernards Township and Somerset County Health Departments for contact tracing while managing the technology outage. The dual challenges of ransomware recovery and pandemic response created compounded operational strain during the critical reopening period.
