"Tennessee College Hit with Ransomware"

A cyberattack on a community college in Tennessee may have exposed the personal data of students, staff, and faculty.   Adversaries struck Pellissippi State Community College (PSCC) with ransomware on December 5, 2021.  The attack shut down online network connections to all five of its campuses during finals week, disrupting online exams.  All the college's connected PC workstations and most of its servers, including the operating system and files, were encrypted.  The attackers also changed the passwords of every user.  The attack left staff and some of the college's 11,000 students unable to access email or the Microsoft communications platform Teams.  The college launched an investigation into the cyberattack to gauge its impact.  During the investigation, the university was able to confirm that the attacker had access to their Active Directory database, which includes first and last names; PSCC usernames; PSCC email addresses; office locations and phone numbers; job titles and departments (if an employee); P numbers (a unique number assigned to each student and employee used only at PSCC and not used to sign documents); General user ID numbers (a long random string of numbers used only by PSCC in its Banner system); and PSCC account passwords (hashed).  The college added that cybercriminals may have also been able to access other personal data in their system.

Infosecurity reports: "Tennessee College Hit with Ransomware"