BC3 hacker obtained files from college servers
The perpetrators behind the November ransomware attack against Butler County Community College obtained files from college servers.
The college did not pay a ransom in connection with the attack.
BC3 on Wednesday updated its investigation into the attack that forced the college to cancel classes at the main campus in Butler Township and its other campuses for two days. The FBI also is investigating the attack.
A third-party forensic firm informed BC3 that the individuals responsible for encrypting certain devices connected to the college’s network acquired certain files from college servers.
The college and the forensic firm are reviewing the content and scope of those files. Pending the results of that review, BC3 will notify anyone whose personal information was contained in those files.
College officials declined to say which files and servers were breached.
BC3’s information technology division experienced widespread technical difficulties Nov. 24.
IT staff discovered that certain devices connected to the college’s network had been encrypted by a ransomware program. The discovery triggered the college’s response plan.
Staff isolated devices and shut off certain systems to contain the ransomware attack. BC3 then contacted the third-party forensic firm and the FBI.
BC3 continues to utilize and install enhanced security tools on devices across its network.
The IT division rebuilt every PC on the college’s main campus and at its additional locations; rebuilt services that control remote access and student desktops; and restored servers in its data center.
Final examinations for the college’s fall semester ended Dec. 18. BC3’s spring semester is underway.