
Cyber Incident Victim: Mount Zion School District

Date: Feb 2019

Location: United States of America

Summary

Foreign hackers targeted Mount Zion School District's computer system, encrypting multiple servers and rendering them unusable, which resulted in the loss of 19 days' worth of grades across the district. While no data was removed from the system, the encryption caused significant disruption until most of the affected information was successfully recovered by the district.


Description

On or around February 4, 2019, foreign hackers targeted Mount Zion School District’s computer systems in an attack that encrypted multiple servers, rendering them inoperable. The encryption prevented access to district data but did not involve data removal from the systems. Superintendent Travis Roundcount confirmed the incident publicly through an email response to the Herald & Review and via a notice posted on the district’s official website. The attack resulted in the loss of 19 days’ worth of student grades across all schools in the district, representing a significant disruption to academic record-keeping. No additional details regarding the initial intrusion vector, specific malware used, or attacker identity were disclosed in the available reports. The district did not specify whether personal information of students or staff was compromised during the incident, focusing instead on operational impacts to grading systems.


District personnel worked to restore system functionality following the attack, with Roundcount stating that most data had been successfully recovered. The recovery process was not described in detail, though the outcome suggests backups or decryption methods were employed to regain access to the encrypted servers. The 19-day grade data loss remained the primary documented operational consequence, affecting academic reporting but not causing permanent data destruction. No ransomware payments or negotiations with threat actors were mentioned in the disclosure. The public notification occurred after initial containment efforts, with the district opting for direct communication through established channels rather than issuing formal press releases. The incident underscored vulnerabilities in the district’s infrastructure while demonstrating partial recovery capabilities through existing response protocols.
