
Cyber Incident Victim: Floyd County Schools

Date: Jun 2022

Location: United States of America

Summary

The Floyd County school system experienced a spear phishing attack involving fraudulent emails impersonating trusted sources, resulting in unauthorized transfers of approximately $194,000. The stolen funds were later recovered after being diverted to an out-of-state financial institution. Law enforcement investigated the incident, which underscored vulnerabilities to targeted email-based financial fraud.


Description

On June 6, 2022, the Floyd County Schools system in Georgia discovered a cyberattack involving unauthorized fund transfers. The district publicly confirmed the incident on June 8 through spokesperson Lenora McEntire Doss, who characterized the breach as a spear phishing attack where perpetrators impersonated a trusted sender via email. This targeted email deception enabled threat actors to divert $194,672.76 from school system accounts to external destinations. Law enforcement agencies immediately initiated an investigation upon notification, though specific investigative partners were not disclosed in initial reports. The attack's discovery timeline indicates malicious activity occurred on or before June 6, with forensic analysis presumably commencing that week. No technical details regarding compromised systems, employee roles involved, or malware deployment methods were released publicly at this stage.


The financial impact centered on the theft of nearly $195,000, representing direct monetary loss until recovery efforts succeeded. Authorities traced the stolen funds to a bank in Texas, where they were successfully recovered and returned to the school district. This recovery mitigated the incident's fiscal damage but did not eliminate operational disruptions or investigative costs incurred. The district's public statement emphasized the external origin of the attack without attributing blame to internal personnel or systems. Police continued investigating the breach's origins, methodologies, and perpetrators as of the last reported update. No supplementary impacts—such as data leaks, ransomware deployment, or secondary financial losses—were referenced in initial disclosures regarding the incident's scope.
