School officials noticed malicious activity on its servers Sept. 7. The district closed schools for two days after the attack, which was later labeled a ransomware attack. After a nearly five-month investigation, officials determined sensitive information was compromised, according to a news release.
The Highline district has about 18,000 students at 35 schools south of Seattle.
"The investigation determined that an unknown actor gained access to certain systems on their network and accessed certain files," the release states. "After the forensic investigation, Highline performed a detailed and labor-intensive review of the affected files to determine if personal information was involved and to identify the individuals associated with this information."
The data compromised in the attack includes:
- Names and addresses
- Birthdays and Social Security numbers
- Driver's license numbers
- Financial account information
- Passport numbers
- Employment information
- Digital signatures
- Medical and health insurance information
- Student identification numbers
- Student records, demographic information and grade information.
The district did not disclose how much money the hackers demanded. Since the attack, the school system has increased cybersecurity efforts. They're also offering a year of identity protection for people affected through IDX identity theft protection.
Those concerned about the data breach can contact the district's hotline at 1-877-758-1726, from 6 a.m. to 6 p.m. Monday through Friday.
©2025 The Seattle Times. Distributed by Tribune Content Agency, LLC.
