Cyber Incident Victim: Wallace State Community College
Date:
Jan 2020
Location:
United States of America
Summary
Wallace State Community College delayed its spring semester start due to a malware attack that disrupted critical systems, though no personal data was compromised. The institution temporarily took down student-facing platforms including Blackboard, email services, and registration systems to contain the incident, extending registration deadlines while restoring operations from backups. IT teams worked continuously to recover affected systems, advising students and faculty via a dedicated webpage, social media, and emergency alerts. Online coursework and administrative functions remained inaccessible during recovery, prompting instructors to adjust assignments. The attack originated overnight after suspicious computer activity was detected, with law enforcement notified to investigate.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 4 motives | 6 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Wallace State Community College experienced a cyberattack that disrupted its operations in early January 2020, forcing a postponement of the spring semester. The incident was detected overnight between Thursday, January 2, and Friday, January 3, when the college's Information Technology department identified suspicious computer activity and confirmed a malware intrusion. As a containment measure, administrators proactively took multiple systems offline—including the Blackboard learning management system, student email services, and the myWallaceState portal—to prevent the malware from spreading beyond its initial point of entry. This precautionary shutdown directly impacted academic functions, leading the institution to delay the semester start from January 6 to January 8. Registration deadlines were extended through January 15 to accommodate the disruption. College spokesperson Kristen Holmes emphasized no personal data—such as student records, transcripts, financial aid details, or other sensitive information—was compromised during the attack. The college notified law enforcement agencies to investigate the incident's origin but did not disclose specific attribution details.
The college established a dedicated webpage (wallacestate.edu/cybersecurity) to communicate real-time recovery updates and provided alternative access to myWallaceState accounts for registration and tuition payments. Administrative staff reported to campus on January 6 as planned, assisting students with in-person inquiries while IT personnel worked to restore systems using unaffected backups. Holmes acknowledged the institution's reliance on technology made it vulnerable to such attacks despite existing security measures and staff training. Recovery efforts involved rebuilding systems from clean backups, a process expected to take several days. Faculty were instructed to adjust coursework deadlines to mitigate academic impacts from the delay. The college used its Lion Alert emergency notification system and social media channels to disseminate updates, maintaining operational transparency throughout the incident. No ransomware demands or data exfiltration claims were referenced in public statements, with the focus remaining on system restoration and academic continuity.