Cyber Incident Victim: Morehouse Parish Schools

On July 17, 2019, Louisiana Governor John Bel Edwards declared a state of emergency following ransomware attacks targeting three public school districts—Sabine, Morehouse, and Monroe City—in quick succession. The Monroe City school district had been compromised the prior week, while Sabine and Morehouse parishes were attacked earlier in the same week as the declaration. The incident at Sabine Parish’s Florien High School was detected around 4:00 AM on Sunday, July 14, when the technology supervisor received an alert about unusually high bandwidth usage. Subsequent investigation revealed ransomware had infected the school’s servers. Eddie Jones, the school’s principal, confirmed that all data stored exclusively on the district’s servers—including 17 years of his personal documents—was rendered irretrievable due to the attack. Morehouse Parish reported comparatively limited operational disruption, stating its payroll and other major systems remained functional.

Governor Edwards’ emergency declaration activated Louisiana’s Cybersecurity Commission—established in 2017—for the first time, enabling the deployment of National Guard cybersecurity personnel and resources to assist recovery efforts, mirroring Colorado’s 2018 response to a similar incident. The declaration also imposed price controls on goods and services within the emergency area to prevent opportunistic overcharging by vendors, such as IT consultants assisting with system restoration. While the specific ransomware variant and total number of affected systems were undisclosed, the attacks demonstrated significant localized impacts, particularly in districts lacking redundant data backups. The state’s response, including forensic efforts to identify the attackers and assess data loss or exfiltration, was framed as a test of Louisiana’s self-proclaimed leadership in cybersecurity preparedness.