Cyber Incident Victim: Penn-Harris-Madison School Corporation

The Penn-Harris-Madison School Corporation’s technology department notified administrators of a breach on Monday morning. School officials reported that Wi‑Fi and internet service were disrupted as they worked to isolate the threat. To contain the incident, the district limited internet access across its networks. The technology team confirmed that Google Workspace and Clever remained operational, while the Canvas learning management system experienced issues.

District officials indicated that the Canvas problems were expected to be resolved by Tuesday, March 4. Despite the disruption, students and staff continued to be able to use Chromebooks, laptops, cell phones and other cloud‑based applications. The corporation emphasized that its student database does not digitally collect or retain social‑security numbers. In addition, the district noted that scheduled testing and assessments were not expected to be affected by the incident. The ransomware event follows a previous malware incident in 2019 that impacted thousands of students within the PHM system. Mike Chapple, an IT professor at the University of Notre Dame and former NSA computer scientist, explained that the malicious software had entered one or more of the district’s computer systems and encrypted the data stored on those systems. He also noted that the situation could serve as a learning opportunity for teachers and students to discuss safe internet practices.