KNOXVILLE, Tenn. — Pellissippi State Community College provided an update on a ransomware security breach that targeted its systems in December, saying some information of students, teachers and staff -- both past and present -- had been accessed and compromised.
The attack happened overnight between December 5 and 6. PSCC said an attacker encrypted all of its connected PC workstations and most of its servers before the college discovered the incident and shut down its networks to prevent further access. PSCC said it did not pay the ransom.
The college began sending out notifications Tuesday to people affected by the breach, which also included participants in Tennessee Consortium for International Studies programs.
The college said its main database and credit card payment systems did not appear to be involved in the attack, and no data on those systems had been accessed by unauthorized users. However, it said a forensics investigation found that bad actors had accessed one system, which contained basic directory information such as names, email addresses, internal ID numbers, and Pellissippi State passwords.
The investigation concluded it was "impossible to determine with certainty" whether any additional personal information was accessed. For that reason, the college said it is urging people who have provided data to the college to protect themselves from identity theft. It is offering free credit monitoring to people who were impacted.
"Our students and employees entrust us with important information, and we take that responsibility very seriously," said L. Anthony Wise Jr., president of Pellissippi State. "Unfortunately, despite our best efforts at data protection, as the investigation into the cyberattack progressed, it became clear that we could not conclude that there was no exposure of personal information. We are notifying members of the college community of this incident and want those who may have provided personal information to the college to be aware of how they can protect themselves."
The college said it has sent emails to anyone who had an email address with the college with a code to sign up for credit monitoring. It has also set up a website with more detailed information. People can also call 1-855-604-1808 between February 2 and May 2 or email firstname.lastname@example.org with questions.
PSCC said its investigation revealed the attack's main goal was to force a ransom payment by holding locked-down data hostage, rather than strictly to steal data. As of February 1, it said there does not appear to be any evidence of ongoing attacks, but said it is still working through the recovery process.
Since the attack, PSCC said it has enhanced its IT security measures and said it will look at adding more security measures after conducting an after-action review.
“Regrettably, attacks by cybercriminals are much more common and are an inherent risk in today’s online environment,” said Pellissippi State Chief Information Officer Audrey Williams. “As soon as this incident was discovered, our Information Services staff acted swiftly to prevent further access by the attackers to our systems. We have been working diligently to restore our online services in a way that will better defend Pellissippi State from future cyberattacks.”