Highline Public Schools, a district south of Seattle with 17,500 students, canceled classes due to a cyberattack. The unauthorized activity on their technology systems prompted the closure, impacting all school activities, athletics, and meetings. The lack of computer access disabled communication systems, transportation dispatch, and attendance record updates. Despite this, there were no thefts of personal information reported so far, according to a district spokesperson. School districts are frequent targets for cyberattacks due to the vast amounts of personal and financial data they hold.
Cybersecurity attacks on school districts can have significant, long-term impacts, as seen in previous incidents in Minneapolis and Los Angeles. Minneapolis Public Schools were attacked in 2023, leading to the release of sensitive information online, including Social Security numbers, school security details, special education records, and health information. The Los Angeles United School District was attacked two years ago, with reports of stolen information being sold on the dark web this summer. Other vital institutions, such as public ports, health providers, and libraries, are also vulnerable to cyberattacks, as shown by incidents at the Port of Seattle, Seattle-Tacoma International Airport, and the Seattle Public Library system.
In response to the growing threat of cyberattacks on schools, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a report in August 2023 addressing online security and privacy in K-12 schools. According to CISA, there is an average of more than one cyberattack on K-12 schools per school day. School districts often lack the funds to implement robust cybersecurity programs while managing large amounts of sensitive information. The recent cyberattack on Highline Public Schools highlights the vulnerability of educational institutions to cyber threats that can disrupt vital services and compromise personal data.
Highline Public Schools had just started classes before the cyberattack forced the closure of schools, impacting the first day of kindergarten scheduled for Monday. Officials were working closely with third-party, state, and federal partners to restore and test critical systems safely. The closure was announced on Sunday, with a decision on whether to extend it into Tuesday to be made by Monday afternoon. The district serves several cities in the Seattle area, including Burien, Des Moines, Normandy Park, SeaTac, and White Center. The incident underscores the importance of cybersecurity measures in protecting educational institutions from cyber threats that can disrupt operations and compromise sensitive information.
