Cyber Incident Victim: Centennial School District
Date: Apr 2021
Location: United States of America
Summary
A Portland-area school district experienced a ransomware attack where hackers encrypted certain digital files, prompting the district to take its technology systems offline as a precautionary measure to prevent further unauthorized access. The incident led to the cancellation of classes for two days while staff worked to restore systems, and the district's website remained inaccessible during the initial response period.
Description
On April 26, 2021, Centennial School District, serving the Portland area, canceled classes for two days following the discovery of a ransomware attack compromising its technology systems. District staff identified on Monday that an unauthorized actor had encrypted certain digital files, prompting an immediate shutdown of all technological infrastructure to prevent further unauthorized access. The preemptive system isolation disrupted normal operations, forcing the district to suspend Tuesday and Wednesday classes district-wide while technicians addressed the breach. Public access to the district’s website became unavailable during this period, hindering communication channels. No specifics regarding the ransomware variant, initial attack vector, or precise time of intrusion were disclosed in available reports.

The incident directly impacted educational continuity for students and staff, though the district did not confirm whether sensitive data was exfiltrated beyond file encryption. Containment efforts focused on system restoration and forensic analysis, with no public timeline provided for full recovery. Operational disruptions extended beyond classroom instruction, affecting administrative and communication systems critical for district functions. The district issued a formal statement acknowledging the encryption event but did not detail remediation costs, data loss scope, or potential identity theft risks to affected individuals. Response actions remained confined to technical isolation and investigation, with no disclosed coordination with law enforcement or third-party cybersecurity entities at the time of reporting.
