On Sept. 20, Allen ISD encountered a network outage that district officials have since attributed to a cybersecurity attack that was later followed with an extortion attempt.
On Monday, district parents and staff received an email from a party purported to be from the culprits.
“Before exfiltration and locking the data we hold control on the network several [sic] months, so we had a ton of time to carefully study, exfiltrate the data and prepare attack,” the email said, according to a source that was on the district’s mailing list. “As last proof we are sending you 80 GB os sample data and file tree we are going to release in the dark market after next ill-considered move of your [education] provider. We give 5 days to collect money. Then payment demand will be increased to 10 M USD.”
Superintendent Robin Bullock addressed the situation in an email sent to district parents at 1:35 p.m. that afternoon, Allen ISD Communications Director David Hicks confirmed.
“This morning, some staff, parents, and students received an email from the individuals who conducted the cybersecurity attack on Allen ISD,” Bullock said. “If you received that email, please do not forward or reply to that message, and do not click on any links that it contains. The people sending these emails are criminals, and malicious software may be included in what they sent.”
She continued, “As a general best practice, please be very careful when responding to emails or phone calls that seek your personal information. Although we have no reason to believe that personal computers or accounts have been part of this incident, it is generally recommended that you change your passwords for those accounts if you have concerns about their security.”
Hicks confirmed to Star Local Media on Monday that despite the September network outage, all Allen ISD systems are fully operational. Bullock said the same thing in her email while adding that district officials are closely monitoring all data traffic.
“In terms of who committed this crime, [it] has not yet been determined,” Hicks said over the phone Monday afternoon. “The district has no intention to pay this amount. Even if the district were to pay this amount, this organization or these individuals could still continue to harass the district, so there’s no guarantee that paying any certain amount would make this go away.”
Hicks added that federal law enforcement is investigating the matter, although he did not have any information as to which specific agency is overseeing the investigation.