Sen. Jacky Rosen and Sen. Catherine Cortez Masto are seeking federal guidance for the Clark County School District (CCSD) and other school districts following the recent CCSD ransomware attack, which resulted in the release of private data, including Social Security numbers.
“We write to share our concerns with the recent cyberattack at Clark County School District (CCSD) and urge the Department of Education (ED) and the Department of Homeland Security (DHS) to provide adequate support, guidance, and resources to help CCSD respond to the attack and prevent future ones,” the two senators said in a letter, spearheaded by Rosen and dated Friday, to Education Secretary Betsy DeVos and acting Homeland Security Secretary Chad Wolf.
The two senators asked a series of questions, including how the agencies are responding to cyber attacks on other K-12 school districts and requested a response by Oct. 15.
They also asked whether there are any grant funds available, what best practices that can be implemented to fortify cyber defenses, whether those could be provided to CCSD and where such attacks should be reported.
First reported by The Wall Street Journal last month, CCSD was the target of a hacker on Aug. 27 who demanded money in return for unlocking district computer servers. When CCSD did not pay, the hacker published documents online containing sensitive information, including employee Social Security numbers, and student names, addresses and grades.
CCSD is Nevada's largest school district and the fifth-largest in the nation, serving more than 320,000 students. The district is the largest school district known to be hit with ransomware since the pandemic began, according to the Journal.
“This is unacceptable and requires an immediate federal response,” the letter said.
In August, Rosen led a group of eight senators in a letter to Congressional Leadership asking them to include cybersecurity funding in the next pandemic relief package, including cybersecurity support for school districts, local governments, and small businesses. The letter cited FBI data showing that elementary and secondary schools may see a spike in ransomware attacks during the pandemic.