Highline Public Schools, a district south of Seattle with 17,500 students, recently canceled classes due to a cyberattack. The district discovered unauthorized activity on their technology systems and took immediate action to isolate critical systems. All school activities, athletics, and meetings were affected by the closure, including the first day of kindergarten, which was scheduled for Monday. Cyberattacks on school districts are common due to the amount of personal and financial data they store, making them desirable targets for hackers.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) reports that, on average, there is more than one cyberattack on K-12 schools per school day. Despite the sensitive information they manage, many school districts lack the funds to invest in robust cybersecurity programs. Highline Public Schools had not detected any theft of personal information by Sunday afternoon. However, the attack did disrupt communication systems, transportation services, and attendance records.
Cybersecurity attacks on institutions can have long-term impacts, as seen in cases such as the 2023 hack on Minneapolis Public Schools where sensitive data was released online, including Social Security numbers and health information. The Los Angeles United School District also experienced a cyberattack two years ago, leading to reports of stolen information being sold on the dark web. Other critical institutions, including public ports, health providers, and libraries, are also vulnerable to cyber threats.
In addition to school districts, other important organizations in the Seattle area have been targeted by cyberattacks. The Port of Seattle and Seattle-Tacoma International Airport faced an attack that disrupted services and flight information displays. The Seattle Public Library system was hit by ransomware, and it took months to restore all tech-enabled services. In 2023, the Fred Hutchinson Cancer Center in Seattle was also targeted in a ransomware attack, compromising patient information and disrupting operations.
In August 2023, CISA and the U.S. Department of Education released a report focusing on online security and privacy in K-12 schools. The report emphasized the importance of having defensible and resilient digital infrastructure to mitigate the risk of cyberattacks. The closure of Highline Public Schools due to the cyberattack was first reported by the West Seattle Blog, and officials were expected to determine by Monday afternoon whether the closure would extend into Tuesday. The district serves several cities in the Seattle area, including Burien, Des Moines, Normandy Park, SeaTac, and White Center.
The incident at Highline Public Schools serves as a reminder of the ongoing threat posed by cyberattacks to critical institutions. As technology continues to advance, it is crucial for organizations to prioritize cybersecurity measures to protect sensitive data and maintain essential services. Collaborative efforts between government agencies, school districts, and other institutions can help strengthen defenses against cyber threats and minimize the impact of potential attacks.
