Investigation into CLPS ransom attack continues

By: Maria Allard | Warren Weekly | Published May 31, 2024

Shutterstock image


CENTER LINE — An investigation into a cyberattack that occurred May 25, over Memorial Day weekend, in the Center Line Public Schools district continues.

“On Saturday we discovered there was ransomware on our computers,” district Superintendent Joseph Haynes said. “Somebody got in and started making copies of data on our servers. After they took stuff, they locked it down by encrypting it.”

The district’s network system was infiltrated with a ransomware attack. Because the cyberattack is under investigation, school officials are limited in what they can share with the media. Since the computer hack, school officials have been working to determine how the breach occurred and what data was pilfered.

“We have put together a team of lawyers and tech people that are helping us address the issue,” Haynes said. “A lot of our hardware is on pause right now. We’re worried about any kind of data that was taken.”

Ransomware is a type of malicious software that threatens to publish or block access to data or a computer system, usually by encrypting it. The online hack impacted Wi-Fi, internet, security cameras, all forms of communication and educational software. Members of the district’s technological team noticed there was an issue on May 25.

“Our software sent out notifications,” Haynes said.  “Our software is supposed to block (a cyberattack), and it lets you know people are trying to get in.”

As soon as district officials were notified of the computer attacks, “We locked down everything,” Haynes said. “We shut down everything.”

Law enforcement has been involved in the investigation.

“Our local police are aware of it. They are the liaison to the Michigan State Police,” the superintendent said. “We had to notify the FBI.”

Because of the incident, school throughout the district was canceled on May 28. Staff and students were back in session May 29.

“We have the internet, and we use Chromebooks,” Haynes said. “Because we are a Chrome-based district, Chrome was not impacted.”

Haynes said “there’s no rhyme or reason” as to who is behind the internet attack or why.

“I have no idea why they decided on us,” he said. “To do any type of ransom, you have to be a techy person.”

Parents and staff were made aware of the situation through a district letter. It’s unclear how long the investigation will take.

“I think it’s going to take some time. We are addressing it to the best of our ability,” Haynes said. “I’ve heard every situation is different.”