The problems at Finalsite started Tuesday and the company said it is still working to recover full functionality.
Some 5,000 school district websites were reportedly made inaccessible this week after a ransomware attack on the company that hosts those sites. Three days later, the company is still trying to restore full functionality.
“On Tuesday, January 4, our team identified the presence of ransomware on certain systems in our environment,” Finalsite said on a status update page Thursday. “We immediately took steps to secure our systems and to contain the activity.”
Finalsite said it launched an investigation with third-party forensic specialists. It said there was no evidence that Finalsite or client data was stolen.
This incident was not directed at any specific schools, but the Finalsite database as a whole,” Finalsite said in a statement, “Data contained within these websites is limited to demographics (name, email address).”
Finalsite said it does not store personal information such as school records, credit card information or social security numbers.
Company spokesperson Morgan Delack told TechCrunch that 5,000 of the company’s 8,000 customers were affected.
A Reddit user claimed on Thursday that the outage prevented some schools from sending out alerts about school closures or COVID-19 protocols.
Details of how the hackers gained access and what ransomware was used were not disclosed by Finalsite in its status update.
Former FBI analyst Crane Hassold, now director of threat intelligence at Abnormal Security, told ZDNet that this attack was similar to one last year on Kaseya, noting the trickle-down effect ransomware can have.
“When a company that provides solutions for other companies gets hit with ransomware, similar to what we saw with Kaseya last summer, the resulting impact can be exponentially devastating,” Hassold said.
Finalsite is based in Glastonbury, Conn., with offices in the United Kingdom. School districts it serves include Kansas City, Tacoma, Wash., and Avon Grove, Pa. Finalsite said it also serves charter and international schools.
Original Source link