
Cyber Incident Victim: Monroe Public Schools

Date:

Jun 2021

Location:

United States of America

Summary

Monroe Public Schools experienced a ransomware attack in which attackers encrypted systems and exfiltrated a limited number of files. The district immediately contained its network and removed the malware, then restored data. The compromised information included Social Security numbers for some of the 1,201 individuals notified; the district stated that no student or parental data was involved and found no evidence of misuse. The specific malware type, any ransom demand, and whether the affected individuals were current or former employees remain undisclosed.


Description

Monroe Public Schools in Michigan experienced a cybersecurity incident discovered on June 10, 2021, when unauthorized actors encrypted certain systems and files. The district immediately secured their network, removed the malware, and initiated efforts to restore data and functionality. A subsequent forensic investigation determined the attackers had accessed the network between June 9 and June 10, 2021, during which they both encrypted files and exfiltrated a limited number of files and folders. While the district's notification letter redacted specific data types involved, evidence indicated social security numbers were compromised for at least some affected individuals. The district explicitly stated no student or parental information was accessed or impacted by the breach.


On January 7, 2022, roughly seven months after discovery, the district, through external counsel, began notifying 1,201 individuals whose data was potentially exposed during the incident. The notification did not specify whether the affected parties were current employees, former employees, or a combination of both. Monroe Public Schools stated it found no evidence that the exfiltrated data had been misused or would be misused in the future. The district declined to disclose the specific type of malware involved or whether a ransom demand accompanied the encryption. Following the containment measures taken immediately after detection, restoration work focused on recovering the encrypted systems while keeping district operations running.
