Des Moines Public Schools has canceled all classes for Tuesday after officials took the district’s internet and network offline Monday morning following what they described as “unusual activity” that was later determined to be an apparent cybersecurity attack.
The district issued an announcement Monday afternoon saying offices will be open but staff may be working remotely and services limited.
Athletics and activities are currently scheduled to take place, the district said.
Updates:After Des Moines schools canceled classes Tuesday, DMPS to provide update at 3:30 p.m.
On Monday morning, the district was alerted to a “cybersecurity incident” on its technology network, the statement said. As a preemptive measure, the school district’s internet and network services were taken offline for investigation and assessment.
“Because many technology tools that support both classroom learning as well as the management and operation of the school district are not available at this time, the prudent decision is to close the district for the day,” the statement said.
“At this time, the matter is being investigated by our IT staff and consultants,” said Phil Roeder, Des Moines schools’ spokesperson told the Des Moines Register. “Access to the internet, wifi, and various networked systems, at school buildings and district offices, will be either offline or intermittent throughout the day.”
Des Moines Public Schools is just one of a number of Iowa schools and organizations that have dealt with cybersecurity attacks in recent years including the Des Moines Area Community College in 2021 and MercyOne facilities following the cybersecurity breach at CommonSpirit Health in mid-October.
Monday’s outage caused issues for Des Moines schools’ teachers who rely on online teaching materials.
“Lack of internet impacts teaching and learning at a high level in a way that it hasn’t, maybe historically,” said Josh Brown, Des Moines Education Association president, “but our classrooms rely more and more on technology that is internet-based or connected to our network in some way.”
The lack of internet also interfered with new teacher orientation for about 30 people, Brown said.
“Unfortunately, we had to change the plans because we weren’t able to get computers and we weren’t able to give them their badges and stuff,” he said.
The Des Moines school district is the largest in the state, with more than 30,000 students and nearly 5,000 teachers and staff at work in more than 60 schools.
In recent years, several Iowa school districts have been the subject of ransomware attacks.
In July 2019, Glenwood Community School District in Mills County was forced to pay $10,000 in ransom after hackers encrypted student data that included schedules, contact and demographic information, making it inaccessible to administrators.
Recent ransomware attacks on Iowa schools include those in 2022 that hit the Cedar Rapids Community School District, the Linn-Mar Community School District and the Davenport Community School District.
Unlike Glenwood, these schools did not voluntarily disclose details of their ransomware attacks, including how much ransom was paid.
Related:Ransomware attack confirmed at MercyOne’s parent company, CommonSpirit Health