Cyber Incident Victim: Pinelands Regional School District
Date:
Mar 2018
Location:
United States of America
Summary
The Pinelands Regional School District experienced a significant disruption when its computer systems were infected by the Emotet malware, severely impacting operational functions. The virus prevented access to critical documents, including a draft budget during a board committee meeting, hindering financial planning processes. Technical staff confirmed the malware's involvement and noted its prior destructive activity in another municipality, highlighting the threat's regional relevance. The incident necessitated alternative measures such as livestreaming meetings to maintain community engagement despite compromised systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early March 2018, the Pinelands Regional School District experienced a significant disruption when numerous district computers became infected with the Emotet malware. The virus crippled administrative operations, preventing staff from accessing critical files and systems necessary for daily functions. During a budget committee meeting shortly before March 7, members were unable to retrieve a draft budget document due to the infection, halting progress on financial planning. The malware's impact extended beyond isolated systems, affecting "many of the district’s computers" according to district technician Phil Holman. While the infection did not necessitate school closures or directly threaten student safety, it impaired core administrative workflows. The incident gained public attention during Holman’s livestream of the March 5 school board meeting, where he acknowledged the ongoing technical challenges. No evidence suggested data theft or unauthorized access occurred beyond the malware’s disruptive payload.
Holman identified the threat as Emotet, a known malware strain that had recently caused similar damage in Allentown, Pennsylvania. The technician’s presence at the March 5 meeting specifically aimed to maintain public transparency through livestreaming despite the technical compromise. The district provided no details regarding infection vectors, remediation timelines, or financial impacts beyond the immediate operational disruptions. No ransomware demands or explicit attacker motives were disclosed in available reports. The board’s inability to advance budgetary work exemplified the malware’s tangible consequences on institutional decision-making processes. Public communications emphasized the incident’s containment to computer systems without physical safety implications for students or staff.