Files were taken in BC3 ransomware attack
BUTLER TWP. — Butler County Community College has learned from a third-party forensic firm that the individuals responsible for encrypting certain devices connected to the college’s network in late November acquired certain files from BC3’s servers.
The college and the third-party forensic firm are reviewing the content and scope of those files. Pending the results of that review, BC3 will provide direct notice to anyone whose personal information was contained in those files.
BC3 has provided all of the information it has to share until the assessment has been completed and the full scope of the attack is understood.
The college’s information technology division experienced widespread technical difficulties on Nov. 24. BC3’s IT staff discovered that certain devices connected to the college’s network had been encrypted by a ransomware program.
BC3 initiated its response plan.
The college isolated devices and shut off certain systems to contain the ransomware attack. BC3 then contacted the third-party forensic firm. The college continues to utilize and install enhanced security tools on devices across its network.
BC3 also notified the FBI and is cooperating with its investigation.
The college did not pay a ransom in connection with the attack.
BC3’s IT division rebuilt every PC on the college’s main campus and at its additional locations; rebuilt services that control remote access and student desktops; and restored servers in its data center.
Final examinations for the college’s fall semester ended Dec. 18. BC3’s spring semester is underway.
Because of the ongoing investigations, BC3 cannot provide further information about the ransomware attack.