Superintendent says recent Lowell Public Schools cyberattack did not exfiltrate data; committee asks for outside audit
March 06, 2024 | Lowell Public Schools, School Boards, Massachusetts
This article was created by AI summarizing key points discussed. AI makes mistakes, so for full details and context, please refer to the video of the full meeting. Please report any errors so we can fix them. Report an error »
Superintendent Skinner informed the school committee that Lowell Public Schools experienced a cyberattack on a district server last week, but said the perpetrator did not obtain data or inflict lasting damage.
"The Cyber attack was not successful the the perpetrator didn't get away with any of our data did not um damage our systems" Skinner told members, describing a phased, service‑by‑service restoration of platforms such as Google Suite and the Aspen student management system.
Committee members pressed for a robust outside review. Mr. Conway moved and the panel approved a request for an external security audit to "determine how we can maximize the safety of our system." Several members said they wanted a vendor with proven, enterprise‑level experience rather than a casual consultant.
Skinner said district staff have installed new endpoint protection (referred to as "sinet/CyNE" in the meeting), required staff password resets and vetted applications before re‑enabling internet access for various services. He warned that some staff briefly lost email access this week when a forced password prompt unintentionally cut access for some users.
Technology staff and City Hall IT have been assisting with recovery, and the superintendent said the district is still unable to predict an exact date for full restoration but is farther along than in past city‑level incidents. Members asked for an audit scope to be presented at a future meeting and for prompt communication to families and staff about lingering access issues.
Next steps: the committee asked the superintendent and the technology department to scope an outside audit, identify candidate vendors, and report back with a recommended timeline and budget.
"The Cyber attack was not successful the the perpetrator didn't get away with any of our data did not um damage our systems" Skinner told members, describing a phased, service‑by‑service restoration of platforms such as Google Suite and the Aspen student management system.
Committee members pressed for a robust outside review. Mr. Conway moved and the panel approved a request for an external security audit to "determine how we can maximize the safety of our system." Several members said they wanted a vendor with proven, enterprise‑level experience rather than a casual consultant.
Skinner said district staff have installed new endpoint protection (referred to as "sinet/CyNE" in the meeting), required staff password resets and vetted applications before re‑enabling internet access for various services. He warned that some staff briefly lost email access this week when a forced password prompt unintentionally cut access for some users.
Technology staff and City Hall IT have been assisting with recovery, and the superintendent said the district is still unable to predict an exact date for full restoration but is farther along than in past city‑level incidents. Members asked for an audit scope to be presented at a future meeting and for prompt communication to families and staff about lingering access issues.
Next steps: the committee asked the superintendent and the technology department to scope an outside audit, identify candidate vendors, and report back with a recommended timeline and budget.
View the Full Meeting & All Its Details
This article offers just a summary. Unlock complete video, transcripts, and insights as a Founder Member.
✓
Watch full, unedited meeting videos
✓
Search every word spoken in unlimited transcripts
✓
AI summaries & real-time alerts (all government levels)
✓
Permanent access to expanding government content
30-day money-back guarantee
