FinalSite, an Internet software house that provides website design, hosting and content management solutions to school districts, has been hit by a ransomware attack.
Earlier this week, school districts whose websites are hosted by FinalSight found that they were no longer accessible or displayed errors. At the time FinalSight blamed the issues on “performance difficulties” in various services, the Glastonbury, Conn.-based company has confirmed that the outage was caused by ransomware.
“On Tuesday, January 4, our team identified the presence of ransomware on certain systems in our environment,” The company said in a statement, “We immediately took steps to secure our systems and control the activity. We immediately began investigating the incident with the help of third-party forensic experts, and began taking some systems offline.
FinalSight spokeswoman Morgan DeLack told Nerdshala that 5,000 of its total 8,000 global customers — including school districts in Kansas City, Illinois and Missouri — are affected by the incident. In addition to the website closure, a Reddit user Claimed The incident also prevented some schools from sending email notifications about school closures due to the COVID-19 outbreak.
In its latest status update, FinalSight says that “the vast majority of front-facing websites are online,” although it notes that “some sites still have proper styling, admin log-in functionality, calendar events, or the need for component directories.” There may be a shortage.” A FinalSight client, Holy Ghost Preparatory School in Pennsylvania, said When its website went back online on Friday, the registration form and our email system remain unavailable.
A FinalSight spokesperson said the company noticed a problem, took its customers’ sites offline and rebuilt their systems from the ground up in a clean environment. “That’s why it’s taking time to get everyone back online,” she said. “The malware problem isn’t what caused sites to go down – we took them down to protect our clients’ data.”
It is unclear how the attackers gained access to the finalists’ systems, and it is not yet known what type of ransomware was used in the attack. The company tells Nerdshala that it is continuing to work with a forensic expert to complete a thorough investigation.
Delack said there is “no evidence” that would suggest that any data has been compromised as a result of the ransomware attack, but declined to say whether FinalSight has the means — such as logs — to conduct an ongoing investigation. To detect exclusion of data by referring to .
Educational institutions and their providers have become a popular target of dangerous actors since the start of the pandemic, which caused many to move to online-based distance learning. Last September, for example, Washington, DC’s Howard University was forced to cancel classes after falling victim to a ransomware attack.