Huntsville City Schools identifies data that may have been impacted by cyberattack

HUNTSVILLE, Alabama — Huntsville City Schools has identified data that was potentially impacted by a ransomware cyberattack in late November.

The district said it is not aware of any attempts to misuse or theft of any personal information of its stakeholders, but issued the notification in an abundance of caution.

RELATED: 7 Huntsville City Schools teachers earn National Board Certified Teachers status

According to the district, the following non-public, personally identifiable information was potentially accessed as a part of the cyberthreat:

• State Student Identification Numbers (SSID) for students enrolled during the following years:
  • 2013
  • 2016
  • 2020
• Email addresses for parents linked to the SSIDs of students enrolled during the 2020 calendar year.
• Social Security Numbers of the following groups:
  • Employees who worked for the district between 2010 and 2020
  • Contractors who performed services for the district between 2010 and 2020
  • Students who participated in the "Fantastic Four" club during the 2008 calendar year.

Huntsville City Schools stressed that it is issuing this notice out of an abundance of caution.

"Ransomware attacks do not necessarily result in sensitive information being stolen, and, to date (Dec. 21, 2020), the district has discovered no evidence that impacted files have been stolen," the district said in its notice.

The district asks to be vigilant and keep an eye out for fraud or identity theft over the next 12 to 24 months if you believe you may have been impacted by the incident.

RELATED: Huntsville City Schools gives update on cyberthreat

Additionally, the district said it is taking several actions to prevent future attacks, including the following:

• Recover backup files to work around the disruption caused by the incident
• Installing and implementing additional cybersecurity software
• Issuing new devices to faculty and staff
• Reimaging impacted student devices
• Implementing improved encryption processes to better protect files and information
• Training faculty, staff, administrators and students on cybersecurity awareness

For more information on what you can do if you believe you've been impacted by the attack, click here.

If you have more questions regarding the details of the attack, the district asks you to call 256-428-7773 from 8 a.m. to 4:30 p.m. on the following dates:

• Monday, December 21
• Tuesday, December 22
• Wednesday, December 23
• Monday, December 28
• Tuesday, December 29
• Wednesday, December 30
• Monday, January 4
• Tuesday, January 5
• Wednesday, January 6
• Thursday, January 7
• Friday, January 8

IN OTHER NEWS: What are the side effects of the Pfizer COVID-19 vaccine?