Cyber Incident Victim: North Idaho College
Date:
Nov 2022
Location:
United States of America
Summary
North Idaho College experienced a cybersecurity incident prompting an immediate network shutdown to contain the disruption, causing widespread system outages. The institution restored most critical systems within a day and engaged third-party forensic experts for an ongoing investigation, with law enforcement notified. While prioritizing remediation and system security, the college continues working to fully understand the incident’s scope and has committed to updating its community appropriately. This attack aligns with broader trends targeting U.S. educational institutions, where ransomware groups frequently compromise networks and exfiltrate data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
North Idaho College experienced a cybersecurity incident in late October or early November 2022 that prompted its information technology team to immediately shut down all college networks as a containment measure. The community college, serving approximately 6,000 students in Coeur d'Alene, disclosed the attack publicly on November 3 after initiating recovery efforts. Network outages disrupted multiple institutional systems, though critical operations were restored within 24 hours of the shutdown. College administrators engaged third-party forensic specialists to investigate the incident's nature and scope, with law enforcement notified of the ongoing probe. While the institution communicated preliminary details to students and staff, officials emphasized their investigation remained incomplete and pledged further updates as appropriate. No confirmed data breach was disclosed during the initial reporting period, though the college acknowledged prioritizing system remediation and maintaining operational security throughout the process.
The incident occurred amid heightened targeting of U.S. higher education institutions by ransomware groups, with at least 35 colleges and universities compromised in 2022 according to cybersecurity analysts. Twenty-four of those attacks resulted in confirmed data exfiltration and public leaks, including incidents at Savannah College of Art and Design, College of the Desert, and Austin Peay State University. Community colleges proved particularly vulnerable, with Kellogg Community College canceling classes for multiple days following a May 2022 ransomware attack. The FBI had previously warned that Russian cybercrime forums contained substantial caches of stolen credentials and VPN accesses belonging to U.S. academic institution employees, though no specific attribution was provided for the North Idaho College incident. Forensic investigators continued working to establish the attack's technical parameters and potential data exposure while the college maintained its restored network operations.