Cyber Incident Victim: Southern University at Shreveport
Date:
Mar 2023
Location:
United States of America
Summary
Southern University at Shreveport responded to indicators of compromise by proactively shutting down campus internet, Wi-Fi, and other critical network systems alongside four other Louisiana institutions. The disruption affected email, learning platforms, and administrative services, prompting a coordinated response with state police and emergency preparedness agencies to implement enhanced security measures. While forensic investigations continued to assess potential data compromise, the university transitioned to virtual classes during network restoration, gradually resuming limited services like email and Wi-Fi. The incident reflected broader cybersecurity challenges in the education sector, with responders prioritizing threat mitigation and monitoring for unauthorized data exfiltration, though no confirmed ransomware activity was reported.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 5 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 24, 2023, Louisiana State Police Cyber Crime Unit discovered potential indicators of compromise within the networks of multiple higher education institutions across Louisiana. This prompted the University of New Orleans, LSU Agricultural Center, Nunez Community College, River Parishes Community College, and Southern University at Shreveport to initiate emergency network shutdowns by Friday afternoon. The proactive disruption aimed to contain the potential cyber threat and implement security enhancements. Southern University at Shreveport's Facebook announcement on March 25 confirmed campus internet, Wi-Fi, and their official website were intentionally taken offline. The University of New Orleans additionally disabled critical systems including email services, Moodle learning platform, Workday, and PeopleSoft applications, impacting approximately 7,000 students. These institutions coordinated their response with the Louisiana Governor’s Office of Homeland Security and Emergency Preparedness and state police cyber specialists.
By Sunday, March 26, restoration efforts commenced with some Wi-Fi and email services returning at select campuses. River Parishes Community College completed network reconstruction with strengthened security controls and resumed full operations by March 27, noting their offsite student information systems remained unaffected. Southern University at Shreveport maintained virtual classes through March 27 with guest Wi-Fi and certain applications still offline, while Nunez Community College operated remotely that Monday before anticipating normal operations to resume Tuesday. University of New Orleans restored limited internet access and Zoom capabilities by March 27 but continued investigating potential data compromise, pledging breach notifications if personal information was exposed. Louisiana State Police forensic teams conducted ongoing investigations across all institutions to determine attack vectors and data exfiltration scope. The incident occurred three weeks after Southeastern Louisiana University confronted a separate cyberattack and followed a February disclosure by Xavier University of Louisiana regarding a November 2022 breach affecting 44,000 individuals. No institution confirmed ransomware involvement despite expert analysis suggesting the rapid containment aligned with pre-encryption threat mitigation strategies observed in other education sector incidents earlier in 2023.