Fall River Public Schools releases public summary report concerning cybersecurity incident

Wednesday, the Fall River Public Schools issued the following summary report on a cybersecurity incident that recently took place:

Overview

On April 7, 2025, Fall River Public Schools (FRPS) experienced a cybersecurity incident that temporarily disrupted access to the district’s technology systems. FRPS immediately engaged third-party forensic specialists to investigate and support incident response and recovery efforts. This summary provides an overview of the incident and outlines steps being taken to enhance cybersecurity protections.

What Happened

On or around April 7, staff reported network accessibility issues. The IT team identified that multiple systems were temporarily unavailable. We promptly initiated our incident response plan and disconnected impacted systems to contain the activity. We also implemented work arounds in order to avoid disruption to student instruction and testing. Of note, we were able to hold MCAS and Seal of Biliteracy testing, and SATs, without disruption.

We also engaged the services of dedicated cyber security specialists, including legal counsel and forensic specialists, to investigate the nature and scope of the incident. With the assistance of legal counsel, we notified law enforcement and are actively cooperating with their investigation. Our independent forensic investigation is now concluded, and we have resumed normal operations.

As part of our investigation, we are working to determine whether the incident impacted any personal or education information. At this time, a third-party review is underway to determine the nature and scope of potentially impacted information. Once that review is complete, FRPS will issue notifications in accordance with applicable privacy laws, as necessary.

Technical Timeline (High-Level Summary)

· Late January 2025: Indicators of unauthorized activity first appear in server logs. Following Weeks: The attacker moved within the network and deployed tools consistent with remote access and data staging.

· Early April 2025: Ransomware was deployed, encrypting district systems and disrupting services.

Immediate Response

· Systems were taken offline to contain the threat.

· A third-party forensic specialist was engaged for forensic investigation and response support.

· Clean backups were used to begin system restoration.

· Law enforcement and other relevant authorities were notified and provided with available technical evidence.

Ongoing and Future Actions

FRPS is actively strengthening its cybersecurity posture by:

· Implementing multi-factor authentication on privileged accounts.

· Conducting internal and external vulnerability assessments.

· Enhancing endpoint detection and response capabilities.

· Improving patch management across all systems.

· Engaging cybersecurity consultants for continued infrastructure hardening and staff training.

Final Note to the Community

Cybersecurity incidents are an increasing threat to public institutions, including school districts. Fall River Public Schools remains committed to protecting the integrity of its systems and the privacy of its community. We are continuing to work with experts and relevant authorities to ensure all necessary steps are taken to prevent future incidents and to comply with all applicable laws and regulations regarding notification and data privacy. Thank you for your continued support and understanding.