Finalsite spokesperson Morgan Delack told CNN about 4,500 schools in the U.S., and another 500 in other countries, were impacted.
Some districts took the event as a call to action. Connecticut’s Attorney General’s Office issued a press release that urged businesses and public agencies to treat the attack as a reminder that anyone can get hit by ransomware. Attorney General William Tong advised organizations to act now to shore up defenses by taking steps like adopting multifactor authentication, testing incident response plans and backing up data.
Finalsite first detected the ransomware on Jan. 4, prompting staff to shut down some systems and tap third-party forensic specialists to investigate, Finalsite said in a Jan. 10 press release.
“This incident was not directed at any specific schools, but certain areas in the Finalsite systems as a whole,” said the firm in its release.
The investigations into the incident remains underway, but the firm said that it currently has “no evidence” that its or its clients data had been stolen. The company also stressed that it does not hold sensitive payment, academic record or social security details on clients, only information like names and emails.
By 7:29 a.m. EST on Jan. 10, the company was reporting all websites restored and the eNotify application functioning again. Some integrations still remained in process as of 11:19 a.m. EST, which Finalsite said could result in issues such as preventing virtual campus tour files from loading and leaving some files and folders missing from File Manager.
