Cyber Incident Victim: Butler County Community College
Date:
Feb 2020
Location:
United States of America
Summary
Butler County Community College experienced a ransomware attack that encrypted and disabled its file systems. The institution is recovering from the incident, with no compromise of personal information for students, staff, faculty, or administrators confirmed by its IT leadership.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Butler County Community College experienced a ransomware attack over the weekend of February 15-16, 2020, which encrypted and disabled institutional file systems. The encryption of critical data infrastructure disrupted normal operations by rendering affected systems inaccessible. College officials, including Director of Information Technology Matt Miller, confirmed the incident involved ransomware but did not specify the variant or initial attack vector. The attack timeline indicates systems were compromised during the weekend period, though the exact time of initial intrusion remains undisclosed. No evidence suggested data exfiltration occurred alongside the file encryption.
BC3 initiated recovery procedures immediately following the detection of the ransomware's impact. Miller publicly stated that no personal information belonging to students, employees, faculty members, or administrative personnel was compromised during the incident. The college focused on restoring encrypted systems from backups and rebuilding affected infrastructure without paying ransom demands. By February 16, the institution reported significant progress toward full operational recovery, though the complete restoration timeline was not detailed. The disruption remained confined to system availability issues, with no long-term data exposure consequences confirmed by the college's investigation.