On Monday, FinalSite announced that no data was stolen in last week’s ransomware attack.
The announcement from the company comes after a six-day-long investigation of the attack.
Last Tuesday, FinalSite suffered a ransomware attack forcing it to shut down its IT infrastructure and web servers. As a result, thousands of school websites including the websites of public school districts in the US were inaccessible.
FinalSite said they hired privacy attorneys at Mullen Coughlin LLC and cyber forensic investigators Charles River Associates to investigate the cyberattack.m
The company in its investigation report said they have achieved containment of threat actor activity, knows when the threat actor entered into FinalSite’s system i.e Jan 4, 2022, and how the threat actor obtained access to their systems. Furthermore, the company identifies who the threat actor is but won’t reveal the name due to ongoing investigations.
The report additionally states that FinalSite is quite confident that no “client data” was compromised during the ransomware attack.
FinalSite’s investigation report reads,
“After six days of investigation, we know when the threat actor entered, how they entered and what they looked at. We are confident in saying that no client data has been viewed, compromised, or extracted.”
“During the remaining course of the investigation, if we determine otherwise, we’ll act swiftly to notify you and take appropriate action.”
Additionally, FinalSite advised its clients to not host any confidential or sensitive data (academic records, social security numbers, payment information).
Are you looking for more security updates? Subscribe to our Newsletter for the latest security news right from the security and research industries.