Update on Cybersecurity Incident

By Office of Communication and Community Relations
October 09, 2020

Dear FCPS Community and Staff, 

As you may have heard, FCPS was the victim of a cybersecurity incident involving a ransomware attack. Earlier this evening, the attackers posted the information that they stole on the dark web.   

Ransomware is a form of malware that is designed to prevent users from accessing files, and in some cases, extract and hold data hostage until a ransom is paid. In this case, a sophisticated group of cyber criminals, known as the Maze group, is claiming responsibility for the attack.   

In the midst of all the challenges posed by virtual learning and the pandemic, cyber criminals have been targeting educational systems around the country in an attempt to disrupt their operations. In fact, FCPS is just one of more than 1,000 educational systems to suffer a ransomware attack in the past year. In the past week alone, multiple school districts were reported to be victims of ransomware attacks.  

Due to the swift action of our IT team, we were able to restore virtual learning operations in time for the first day of school, which have continued without disruption. The incident has also not affected our ability to meet payroll and administrative obligations. We have implemented several cybersecurity-related enhancements and are continuing to evaluate additional steps that may be taken to further harden our defenses. 

At this time, it appears as though certain personal information for some students and employees may have been impacted. We deeply regret that this has occurred and are committed to supporting you. We are working around the clock to identify the information that was taken and will notify impacted individuals as appropriate. 

We know that the pandemic and virtual learning have placed stress on families and staff. As we mentioned, our investigation to determine the scope and impact of this incident is ongoing, and we are working with leading outside security experts to conduct a thorough investigation. We are also working closely with the FBI and Virginia State Police and are supporting their criminal investigations to bring the attackers to justice. 

Virtual learning is proceeding as planned. Students and staff should continue to use their computers to access the FCPS network. As we move forward, maintaining continuity of school for our students, faculty, and staff, along with safeguarding their data, are our top priorities.   

Sincerely,  

Scott Brabrand

Superintendent, Fairfax County Public Schools

Information on Ransomware Attack

Find answers to common questions about the ransomware attack