Cyber attack takes down high school district's server and phone system | News | Mountain View Online |


Cyber attack takes down high school district's server and phone system

Mountain View-Los Altos superintendent says ransomware attack coincided with fraudulent activity on district credit cards

The Mountain View-Los Altos High School District was the victim of a ransomware attack Wednesday that took down the phone system and blocked access to files stored on the district's server. It's unclear whether sensitive student data was exposed during the attack.

Superintendent Nellie Meyer said in a statement Thursday that the attack prevented teachers and students from accessing email accounts and files stored on the district's servers -- interfering with both campus operations and instruction. Around the same time, staff received reports of fraudulent activity on district credit cards, which may have been related to the attack.

The school district is still investigating the cause and extent of the security breach, including whether the attackers had access to sensitive student data that could be copied and transferred.

Phones remained offline and the district's servers unplugged as of Friday afternoon, and in all likelihood both will still be inoperable when school resumes on Monday, according to Bob Fishtrom, the district's director of information services. Bringing things back online is contingent on new antivirus software being installed across the district's computers and devices, which is a necessary process that takes time.

What the district knows so far is that the malware is called Sodinokibi, a sophisticated type of ransomware developed in April 2019, likely in Russia or China, and somehow got into the district's network -- potentially in a bogus email attachment. Sodinokibi is designed so that it repeatedly attempts to replicate itself, and holds victims hostage by encrypting files and demanding money (in bitcoin) in order to get them back.

"We're one of hundreds of districts and entities hit with it," Fishtrom said.

Since Wednesday, Chromebooks have been distributed to staff with affected computers as a workaround, Fishtrom said, and the good news is that many teachers are already storing most of their important digital classroom materials on Google Drive -- which remain unaffected. The other bright spot is that the district's student information system is hosted elsewhere and hasn't been affected.

"We know that it hasn't been compromised," he said.

Kalista Micetich, a freshman at Mountain View high, said everything from the grading system to classroom projectors to the attendance-taking system was affected, and students in engineering classes fell behind because they couldn't use their computers to code or design anything.

The district is seeking outside help from a digital security company, Kroll, which is assisting in both safeguarding the district from future attacks and doing the forensic work needed to figure out what happened and what information has been compromised. The early reports indicate that the fraudulent credit card activity, while suspiciously timed, does not appear to be related to the breach.

The attack was first reported by Mountain View High School's student newspaper, The Oracle on Thursday.

Families concerned that their child's personal information has been compromised are encouraged to keep an eye out for updates on the district's Facebook and Twitter social media pages, and are directing any inquiries to the IT department at 925-788-3038 or

This is a breaking story. Check back for updates.

What is democracy worth to you?
Support local journalism.


Like this comment
Posted by MVLAParent
a resident of Waverly Park
on Feb 3, 2020 at 11:41 am

Does anyone know if this will impact colleges' access to transcripts for their applications?

Don't miss out on the discussion!
Sign up to be notified of new comments on this topic.


Post a comment

Posting an item on Town Square is simple and requires no registration. Just complete this form and hit "submit" and your topic will appear online. Please be respectful and truthful in your postings so Town Square will continue to be a thoughtful gathering place for sharing community information and opinion. All postings are subject to our TERMS OF USE, and may be deleted if deemed inappropriate by our staff.

We prefer that you use your real name, but you may use any "member" name you wish.

Name: *

Select your neighborhood or school community: * Not sure?

Comment: *

Verification code: *
Enter the verification code exactly as shown, using capital and lowercase letters, in the multi-colored box.

*Required Fields

Stay informed

Get daily headlines sent straight to your inbox.

Umami Burger calls it quits in downtown Palo Alto
By Elena Kadvany | 15 comments | 9,257 views

Couples and Premarital : "Who we are . . . depends in part . . . on who we love."
By Chandrama Anderson | 0 comments | 2,625 views

Flying: How much is enough? It's personal.
By Sherry Listgarten | 9 comments | 2,168 views

Wait, wait – we’re working on it
By Diana Diamond | 10 comments | 1,406 views

My Pet Peeves
By John Raftrey and Lori McCormick | 7 comments | 1,224 views


Short story writers wanted!

The 34th Annual Palo Alto Weekly Short Story Contest is now accepting entries for Adult, Young Adult and Teen categories. Send us your short story (2,500 words or less) and entry form by March 27, 2020. First, Second and Third Place prizes awarded in each category.

View Details