Cyber Incident Victim: Central Piedmont Community College
Date:
Feb 2021
Location:
United States of America
Summary
Central Piedmont Community College experienced a ransomware attack prompting immediate precautionary measures, including taking critical systems such as phones, email, and learning management platforms offline while maintaining website operations for updates. The institution collaborated with state and federal agencies to assess the intrusion’s scope and restore services, finding no evidence of personal data compromise; recovery timelines remained uncertain, though backups were expected to aid the process. Communication with stakeholders continued via text, social media, and the website as work progressed to reinstate impacted academic and administrative systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Central Piedmont Community College disclosed a ransomware attack on February 10, 2021, prompting immediate containment measures. Information Technology Services (ITS) staff took critical systems offline as a precautionary step by Wednesday evening, including college phone lines and email services. The primary college website remained operational throughout the incident, serving as a central hub for status updates alongside text messages, voicemail broadcasts, and social media platforms. Restoration efforts commenced on February 11, with ITS prioritizing system recovery while simultaneously assessing the scope of the intrusion. The college coordinated its response with external agencies, including the North Carolina Community College System (NCCCS), the North Carolina Department of Public Safety, and the Federal Bureau of Investigation (FBI). Initial forensic analysis found no evidence suggesting unauthorized access to or exfiltration of personal data belonging to students, faculty, or staff.
Multiple critical systems remained offline following the attack, significantly disrupting college operations. The outage impacted Blackboard and Brightspace learning management systems (LMS), hindering access to course materials and assignment submissions. College officials acknowledged the uncertainty surrounding restoration timelines but indicated existing backups might facilitate recovery efforts. Academic continuity plans were adjusted, with instructors instructed to address missed assignments and communicate revised expectations once systems became operational. The college emphasized its collaboration with law enforcement and cybersecurity partners throughout the investigation and recovery process. Operational disruptions persisted as work continued to restore affected infrastructure, with the college relying on non-email communication channels to provide updates until full system functionality returned.