Cyber Incident Victim: Luzerne County

In May 2019, Wyoming Area School District in Luzerne County, Pennsylvania, experienced a ransomware attack that encrypted and disabled its computer network. The malicious software locked administrators, staff, and students out of critical systems for multiple weeks, severely disrupting normal operations. District officials publicly confirmed the incident on an unspecified Tuesday following the attack’s discovery, though the exact initial detection date remains undisclosed. Facing prolonged paralysis of essential functions and lacking viable alternatives to restore access, the district opted to pay a ransom demand of $38,000 to the attackers. This payment was intended to obtain decryption keys or tools necessary to regain control of their network infrastructure. The decision reflected the operational urgency caused by the extended downtime, with no public indication that data theft occurred alongside the encryption.

The attack caused significant operational delays throughout the recovery period, as acknowledged by Wyoming Area senior Jack Dileo, who noted the incident "slowed things down" across school activities. While the specific systems affected beyond general network access weren’t detailed, the weeks-long disruption impacted administrative and educational workflows district-wide. The $38,000 ransom payment represented a direct financial loss, though no additional costs for forensic investigations, system restoration, or potential regulatory fines were disclosed publicly. District officials emphasized they perceived no alternative to paying the ransom to resolve the crisis, suggesting backups or other recovery methods were either unavailable or deemed insufficient during the incident response. The public confirmation of the payment marked a rare transparency about ransomware negotiations among educational institutions at the time.