Hackers targeted two colleges during a critical period, causing disruptions amidst final exams and commencement ceremonies. Chattanooga State Community College in Tennessee has been dealing with a cyberattack since Saturday, leading to class cancellations and modified schedules for staff.
With over 11,000 students affected, the college has intentionally shut down systems to investigate and mitigate the incident. Similarly, Mercer University in Georgia reported a cybersecurity breach where hackers stole sensitive information from students, parents, and employees. Founded in 1833, Mercer serves more than 9,000 students.
The cyberattack on Chattanooga State, also known as Chatt State, impacted various student services, including student IDs, parking passes, financial aid, academic advising, and more. The college’s National Signing Day event was canceled, and refunds or delayed classes were offered as a result.
Despite the challenges, the college community is uniting and demonstrating resilience, trust, and care for one another during this trying time, according to President Rebecca Ashford.
Both incidents have prompted the involvement of law enforcement, The College System of Tennessee, the State of Tennessee Attorney General’s Office, and an undisclosed cybersecurity vendor. Tennessee State University, a historically black land-grant university, had previously notified its 8,000+ students about an IT system shutdown due to a ransomware attack.
In the case of Mercer, the university disclosed unauthorized access to its computer network, leading to an ongoing investigation with the assistance of law enforcement and external consultants. While personal financial information remains uncompromised, Social Security and driver’s license numbers were removed without authorization.
The attacks highlight a concerning trend, with a new ransomware gang named Akira targeting educational institutions. They demand ransoms ranging from $200,000 to millions of dollars, offering reduced amounts if data theft, rather than encryption, is involved.
Ransomware expert Brett Callow from Emsisoft has tracked at least 35 reported attacks on colleges and universities in 2023, noting a recent increase during this critical time. The motivation behind attacking compromised networks during exams remains a topic of speculation, but the trend underscores the need for enhanced cybersecurity measures in educational institutions.
