LOCAL SCHOOLS LISTED IN RANSOMEWARE ATTACK


Follow Us: Facebookgoogle_plusFacebookgoogle_plusby feather

Summary of Ransomware Attack Incident and Recommended Action

On October 26, 2017, a Texas Department of Agriculture (TDA) employee’s state-issued laptop computer was compromised through a
. As a result, students in school districts throughout Texas may have been potentially impacted by the breach. The information exposed on the employee’s laptop included names, social security numbers, home addresses, birthdates, and personal phone numbers of the affected students and their families. To date, TDA’s Information Security Officer (ISO) has identified more than 700 students whose sensitive personal information was, or is reasonably believed to have been, exposed to acquisition by an unauthorized person.

It is important to note that, to date, TDA’s ISO has not discovered any evidence to suggest misuse of the information that was compromised by the ransomware exploit.

To mitigate this potential exposure, TDA’s ISO recommends that the affected students, or parents of the affected students, if minors, contact the three major credit bureaus and activate a fraud alert on behalf of the students impacted by ransomware attack.

Guidance is available on TDA’s Square Meals website for individuals that are impacted by the ransomware attack. (Section 521.053(f) of the Texas Business and Commerce Code).

Please view list below of affected schools and school districts with students who have been potentially impacted by the successful ransomware.

Independent School Districts Impacted by ransomware attack

ALBA-GOLDEN ISD

KEENE ISD

ALVARADO ISD

KENNEDALE ISD

ARGYLE ISD

KRUM ISD

BIG SANDY ISD-DALLARDSVILLE

LAKE DALLAS ISD

BOLES ISD

MELISSA ISD

BOYD ISD

NECHES ISD

CENTRAL ISD

NEW DIANA ISD

CLEBURNE ISD

ORE CITY ISD

CORISCANA ISD

PARADISE ISD

CROWLEY ISD

PILOT POINT ISD

DALLAS COUNTY JUVENILE DEPARTMENT

PINEYWOODS COMMUNITY ACADEMY

ENNIS ISD PONDER ISD

ETOILE ISD

PRINCETON ISD

GILMER ISD

SLIDELL ISD

GLADEWATER ISD

ST MARY OF CARMEL SCHOOL

GUNTER ISD

ST GEORGE SCHOOL

HARLETON ISD

TERRELL ISD

HARRISON COUNTY JUVENILE SERVICES

UNION GROVE ISD

JEAN MASSIEU ACADEMY

UNION HILL ISD

KARNACK ISD

References – Applicable State Law:

Section 521.053(b) of the Texas Business and Commerce Code – requires notice to a person whose sensitive personal information was, or is reasonably believed to have been, acquired by an unauthorized person.

Section 521.053(f) of the Texas Business and Commerce Code – authorizes alternate notification via electronic mail, if the person providing notice has electronic mail addresses for the affected persons; conspicuous posting on the entity’s website; or broadcast on major statewide media.

Section 521.002(a) of the Texas Business and Commerce Code – defines PII as information that alone or in conjunction with other information identifies an individual, including an individual’s name, social security number, date of birth, government-issued identification number, mother’s maiden name, personal address, driver’s license number, etc.

2


SHARE Facebookgoogle_plusmailFacebookgoogle_plusmailby feather