Cyber Incident Victim: Miami-Dade County Public Schools

Miami-Dade County Public Schools (M-DCPS) experienced significant disruptions to its virtual learning platform at the start of the 2020-2021 school year, beginning with connectivity issues on the first two days of classes. The district attributed these problems to a combination of a software malfunction within its My School Online (MSO) platform and deliberate Distributed Denial-of-Service (DDoS) attacks targeting its network systems. Internet service provider Comcast confirmed the cyberattacks, which overwhelmed the district’s web-based infrastructure and prevented thousands of students and teachers from accessing online classes. While the software glitch was resolved by Monday night following the initial launch, the DDoS attacks persisted into the next morning, requiring continuous mitigation efforts by district IT teams. M-DCPS implemented immediate safeguards that successfully protected firewall integrity and prevented unauthorized access to student or employee personal data throughout the attacks.

The district responded by directing affected users to alternative connection methods, including Microsoft Teams and Zoom, particularly for grades 6 through 12, while maintaining the K12 platform for Pre-K-5 students based on stability assessments. By the second day, approximately 200,000 students had established stable connections and were advised to remain logged in to avoid further disruptions. M-DCPS coordinated with federal law enforcement agencies, including the FBI and U.S. Secret Service, to investigate the attacks and identify perpetrators for prosecution. These sustained cyberattacks caused widespread operational interruptions across all web-dependent district systems but did not compromise sensitive information or permanently disable critical infrastructure. The district maintained public communication through official channels, including Twitter updates, to manage user expectations and provide technical guidance during the incident.