Allen ISD was hit with a cybersecurity attack and later the subject of an attempted extortion by the culprits, the district said in a Tuesday email to parents and staff.
“Like so many other American businesses and government agencies, Allen ISD was the victim of an attempt to shut down its cyber operations,” said Superintendent Robin Bullock in the email. “Fortunately, that attempt largely failed.”
According to Bullock, third party cybersecurity experts investigated a Sept. 20 network outage that was a result of the attack. This outage affected a GPS routing software used by the district’s transportation workers, which led to 20-25 minute delays for three bus routes that morning.
Upon investigation, the experts reportedly identified the cause of the outage as a cybersecurity attack and made contact with the group responsible for it. The group said it had obtained personal information from district students, families and staff and later attempted to extort Allen ISD out of “millions of dollars,” Bullock said.
“Throughout this investigation, there is no credible or tangible proof that this group has accessed this personal data,” she added. “Our cybersecurity experts have been in contact with this group and given them several opportunities to prove that they have possession of this data, yet they cannot show proof of their claim. We have been advised by our third-party cybersecurity experts and law enforcement not to pay any extortion money.”
While officials say they have not seen credible evidence of a data breach, Bullock said that contact would be made with families and staff in the event that sensitive information was stolen.
On Tuesday, Allen ISD spokesperson David Hicks said to reporters, “At this point, the school district does not plan to conduct any interviews about this situation.”