Residents are expressing concern over letters recently received referencing a data breach in 2021 sent by the Vicksburg-Warren School District.
In May 2021 VWSD servers were hacked. The cyber criminals who took responsibility, a group called “Grief”, claimed to have personal employee information and school documents.
“The network of Warren Vicksburg School was screwed and now we have about 10 GB of data from file servers, including internal company documents and personal information,” the group’s website read before it was removed. “According to our rules we are publishing this data step by step in case if this company will keep silence (sic).” (As reported by Mississippi Today)
VWSD was not the only school district affected by the ransomware attacks used by hackers. According to StateScoop, several attacks have occurred since 2013 throughout Mississippi. A larger view shows 472 ransomware attacks have been reported from school districts throughout the country during the same time frame.
Now, one year later, those with ties to the district are receiving notices of the breach. A former student within the district posted the letter received on social media. The former student stated they graduated in 2017 and asked if there should be any concern.
Another concerned parent took to social media as well and posted the image received of their notice and raised the question as to the timing of the letter.
Vicksburg Daily News reached out to VWSD for a comment on the issue. We received the following response from Jason S. Cherry, who states he represents VWSD in the security incident:
We represent the Vicksburg-Warren School District (“VWSD”) in a cyber security incident that occurred on or about May 28, 2021. After the incident, VWSD activated their response plan, took immediate action to protect their network, and launched an investigation into the cause of the incident. VWSD has been able to secure their cyber environment, continue their operations, and serve their students and community. VWSD takes the security of sensitive information very seriously, and has implemented additional security features to help prevent a similar incident from occurring in the future. VWSD has also reported this matter to the FBI and will cooperate as necessary to hold the perpetrator accountable. We have no information regarding the victimization of other school districts.
The school district has complied with all notification requirements. Due to the sophistication of the data sets and information, the processing of data for identifying potentially-affected individuals was complex and required additional time to resolve. Notification letters were sent to potentially-affected individuals on May 12, 2022. The letters include information about this incident and about steps that potentially-affected individuals can take to monitor and help protect their personal information. VWSD has established a toll-free call center to answer questions about the incident and to address related concerns. The call center can be reached at 1-833-909-4437 Monday through Friday from 8:00 am to 8:00 pm Central Time.
No further comment regarding the timing of the letter has been received.