Cyber Incident Victim: Commack School District
Date:
Nov 2022
Location:
United States of America
Summary
A New York school district experienced a ransomware attack, prompting its superintendent to notify parents and collaborate with federal, state, and local authorities, including Homeland Security, alongside their cyber insurance provider. The incident, treated as a criminal act, remains under investigation with no current evidence indicating unauthorized access to student or staff data. The district committed to directly informing affected individuals should further investigation reveal any compromise of personal information. No details about responsible threat actors or ransom demands were publicly disclosed at the time of reporting.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 9, 2022, Commack School District Superintendent Jordan Cox notified parents of a ransomware attack affecting the Long Island school district’s systems. The district engaged federal, state, and local authorities—including Homeland Security—to investigate the criminal incident, while simultaneously coordinating with its cyber insurance carrier. Cox emphasized that no evidence indicated unauthorized access to student or staff information at the time of the notification, though the investigation remained ongoing. The district committed to contacting affected individuals if subsequent findings revealed any compromise of personal data. No operational disruptions or specific impacted systems were disclosed in the initial communication.
The superintendent characterized the attack as part of a broader pattern of ransomware incidents targeting educational institutions. Authorities did not publicly attribute responsibility to any specific threat actor or group, and the district did not confirm whether a ransom demand had been issued. Commack’s response prioritized collaboration with law enforcement and cyber insurance professionals to assess the scope and mitigate consequences. The lack of confirmed data exposure at the notification stage shaped the district’s initial public communications, focusing on transparency about the investigative process rather than confirmed impacts. Further updates were contingent on forensic findings from the active criminal investigation involving multiple government agencies.