Cyber Incident Victim: Pittsburg Unified School District

The Pittsburg Unified School District in Pennsylvania experienced a disruptive ransomware attack during the winter break period preceding January 2020. District network systems, including internet servers and email services, were compromised by the attack, which was publicly disclosed by Superintendent Janet Schulze via social media on Monday night following the break. This disruption forced the district to suspend internet-dependent activities as students returned to classes on Monday, with Schulze announcing a temporary shift to traditional teaching methods using physical books and direct instruction. Critical operational systems remained functional, including student information databases and phone services, allowing schools to maintain basic administrative functions. The district responded by taking all affected servers offline, along with any potentially compromised systems, to contain the attack’s spread.

Normal teaching schedules resumed by Tuesday, though the district’s network systems remained under investigation. Schulze stated there was no evidence of personal data compromise but emphasized the investigation remained ongoing with support from external cybersecurity experts and two unspecified internet technology companies. Legal counsel specializing in ransomware incidents was also engaged to address potential ramifications. The incident marked the second ransomware attack affecting Contra Costa County systems in early January 2020, following a January 3rd attack on the Contra Costa County Library System that caused a network outage impacting services across 26 branches. Library services remained offline at the time of reporting, with public notifications acknowledging the ongoing disruption and investigation. The school district did not disclose ransomware specifics, payment demands, or attribution, citing the preliminary stage of their investigation.