Hacker claims to have data from the Davenport Community School District

The issue was initially reported as “server issues” by the district back in September
Published: Sep. 13, 2022 at 2:47 PM CDT|Updated: Oct. 26, 2022 at 7:23 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

DAVENPORT, Iowa (KWQC) - According to a statement from Davenport Community Schools Wednesday evening, the district has confirmed that an unauthorized user gained access to personal information belonging to current or former employees.

The full statement can be seen below:

On September 29, 2022, Davenport Community Schools reported that through its investigation of a recently experienced cyber incident, it had identified no evidence that personal information was impacted. Following that statement, however, Davenport Community Schools learned that the incident potentially impacted personal information belonging to certain current / former employees. Since then, Davenport Community Schools has been working diligently to identify contact information necessary to provide notification of the incident to potentially impacted individuals and to provide resources – including credit and dark web monitoring services – to assist them. Davenport takes this incident very seriously and is continuing to work with cybersecurity experts to take steps to help prevent a similar incident from occurring in the future.

Davenport Community School District

This statement comes after DCSD lost access to their Internet servers back in September. They also lost access to their email and phones for a short time. TV6 has learned that email is again not working within the schools and hasn’t been since the beginning of the week.

In a post by “Karakurt”, an FBI monitored data extortionist group, claims to be behind the breach and has threatened in a post on both the dark web and the normal web what they currently have from the hack.

To see the full breakdown and timeline of events, the previous statements from DCSD can be seen below.

Davenport Community Schools Superintendent TJ Schneckloth has released a statement on October 4th regarding what was being called “server repairs” after Davenport Schools went without internet for roughly a week back in September.

The full statement can be read below:

Davenport Community School District’s IT officials worked around the clock to thwart a recent effort by an unauthorized actor that had gained access to the DCSD system, TJ Schneckloth, Superintendent of Schools, said Thursday.

The district could not release information about the incident until now due to the ongoing forensic investigation over the previous few weeks, Schneckloth said.

Several cyber-attacks on school networks across the state have occurred around Iowa this fall, leading to heightened monitoring of systems and the quick detection of and defense against the attack on DCSD’s network.

The school’s IT staff worked in conjunction with national experts to defend against the intrusion. There is no evidence that personal information was taken.

“We are very thankful to the district employees who worked tirelessly to root out and fight this threat,” Schneckloth said. “Because of our team, and the assistance of national experts, we were able to maintain the security of our system.”

In light of the incident, IT officials took systems offline but now all systems are restored. The district has doubled their efforts to prevent similar attacks in the future.

“We see this as an opportunity to learn and grow in our knowledge and preparation,” Schneckloth said. “We remain diligent and on guard against any malicious actors which may arise in the future. I’m proud of our team, and thankful for the excellent work they’ve done to protect against this criminal attack.

TJ Schneckloth, Davenport Community Schools Superintendent

Davenport Community Schools were without internet up until the morning of September 13 due to what the district is calling, “server issues”.

District spokesperson Mike Vondran told TV6 that the outages were due to server issues and that a team of specialists are in town continuing to work on resolving the issue.

Vondran said they expected the entire problem to be fixed by the morning of September 13, but as of that afternoon, all schools were still without working email and phones.

Faculty members were instructed to change all passwords on September 12.

When asked about a potential cyber attack or ransomware attack such as the ones in the Cedar Rapids area or across the nation, Vondran replied saying to his knowledge, that is not the issue here.

TV6 will have continuing coverage on the outage and provide updates when they become available from the district.