Cyber Incident Victim: Tenafly Public Schools
Date:
Jun 2022
Location:
United States of America
Summary
A ransomware attack disrupted operations at Tenafly Public Schools, forcing the cancellation of final exams due to inaccessible systems containing student notes and reviews. The district detected server irregularities, prompting immediate shutdowns and engagement of cybersecurity experts, law enforcement, and state agencies. Critical platforms like Google Classroom and grading systems remained offline, leading staff to revert to non-digital teaching methods such as projectors and paper-based activities during recovery. Restoration efforts included installing enhanced security measures while gradually reactivating services, with partial access to Google Workspace eventually restored. The incident contrasted sharply with the district's prior rapid digital transition during the pandemic, highlighting its adaptability under duress. Broader context indicates this attack aligns with a pattern of ransomware targeting U.S. educational institutions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 2, 2022, Tenafly Public Schools in Bergen County, New Jersey, experienced a ransomware attack that disrupted normal operations. District staff initially detected anomalies the preceding Thursday when servers malfunctioned and files became inaccessible, prompting immediate shutdowns to isolate affected systems. Cybersecurity experts confirmed ransomware presence, leading the district to involve the FBI, New Jersey homeland security officials, and their cyber insurance provider. Critical educational platforms—including Google Classroom, grading systems, and digital repositories—remained offline during the incident, depriving students and staff of essential resources. With final exams scheduled to begin June 6, administrators canceled assessments due to fairness concerns, as students had lost a week of digital study materials. The attack also created uncertainty around graduation ceremonies, though no specifics were confirmed. District communications manager Christine Corliss acknowledged widespread operational disruptions but emphasized that no ransomware group had been identified publicly.
Recovery efforts prioritized gradual system restoration with enhanced security measures. While Google Workspace applications became accessible during the response, core systems remained offline as cybersecurity teams installed additional protective software. Staff reverted to non-digital teaching methods—using projectors, paper-based materials, and hands-on activities—to maintain instruction, an approach students reportedly found novel. Corliss described the transition as a reversal of the district’s pandemic-era shift to full digital dependency, praising the community’s adaptability. The district declined to specify restoration timelines but characterized progress as steady, with no evidence of data theft disclosed. Broader context emerged from Emsisoft analyst Brett Callow, who noted Tenafly was among at least 10 U.S. school districts targeted by ransomware in 2022, including recent attacks in New Mexico, Ohio, and nearby Somerset County, New Jersey. Law enforcement investigations continued without public attribution of responsibility for the incident.