Prince George’s County Public Schools (PGCPS), serving the D.C. suburbs, faced a significant cybersecurity challenge with a ransomware attack that exposed the personal information of nearly 100,000 individuals. The incident, detected on August 14, 2023, just before the commencement of fall classes, led to a network outage impacting the Maryland school district, which caters to approximately 130,000 students. PGCPS concluded its review in February, confirming that personal information was compromised in the breach, including names, financial account details, and Social Security Numbers.
The attack, initiated as early as August 3, resulted in 99,543 people being affected, as stated in the regulatory filing. The threat escalated further when reports in November suggested that the Rhysida ransomware gang had posted PGCPS data on its leak site. This incident adds to the concerning trend of cyberattacks on K-12 school systems nationwide, despite a potential decrease in overall ransomware incidents. The breach underscores the vulnerability of educational institutions and the critical need for robust cybersecurity measures to safeguard sensitive student and staff information.
