Chapel Hill-Carrboro City Schools Hit by Email Hack, Rickroll Prank
On Wednesday, Chapel Hill-Carrboro City Schools (CHCCS) fell victim to a cyberattack after an unauthorized user gained access to the district’s email system and sent a prank message to all students and staff. The school district confirmed the breach in an evening email, stating that the account had been secured and that recipients should disregard the fraudulent message.
The hoax email, sent from an account labeled CHCCS Admin with the subject line “Important Update Chapel Hill Carrboro Schools,” mimicked official district communications. It falsely claimed that CHCCS would continue distance learning for the 2020-21 school year due to COVID-19, assuring recipients of a “fantastic and SECURE virtual at home learning program.” The message included a link purportedly leading to a district video but instead redirected users to Rick Astley’s 1987 hit “Never Gonna Give You Up” a long-running internet prank known as “Rickrolling.” By Wednesday evening, the video had been taken down, displaying an error due to exceeded playback limits.
The email also contained sarcastic remarks about school leadership, including references to “lapses in leadership and professional judgement” and a mock farewell, ending with “We can only go up from here.” No group or individual has claimed responsibility for the attack.
CHCCS is working with law enforcement and state agencies to investigate the breach and prevent future incidents. The district, like others in North Carolina, has been operating under remote learning since March due to the pandemic.
Source: https://nsjonline.com/article/2020/05/chapel-hill-carrboro-schools-e-mail-hacked-by-rick-rollers/
Chapel Hill-Carrboro City Schools cybersecurity rating report: https://www.rankiteo.com/company/chapelhillcarrborocityschools
"id": "CHA1769570698",
"linkid": "chapelhillcarrborocityschools",
"type": "Breach",
"date": "5/2020",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'customers_affected': 'All students and staff',
'industry': 'Education',
'location': 'Chapel Hill, North Carolina, USA',
'name': 'Chapel Hill-Carrboro City Schools',
'type': 'Educational Institution'}],
'attack_vector': 'Unauthorized access to email system',
'customer_advisories': 'Email notification to disregard fraudulent message',
'date_detected': '2020-08-12',
'date_publicly_disclosed': '2020-08-12',
'description': 'Chapel Hill-Carrboro City Schools (CHCCS) fell victim to a '
'cyberattack after an unauthorized user gained access to the '
'district’s email system and sent a prank message to all '
'students and staff. The hoax email redirected recipients to a '
'Rickroll video.',
'impact': {'brand_reputation_impact': 'Minor reputational harm',
'operational_impact': 'Disruption of communication',
'systems_affected': 'Email system'},
'investigation_status': 'Ongoing',
'motivation': 'Prank',
'references': [{'date_accessed': '2020-08-12', 'source': 'Local news report'}],
'response': {'communication_strategy': 'Email notification to disregard '
'fraudulent message',
'containment_measures': 'Account secured',
'law_enforcement_notified': 'Yes'},
'title': 'Chapel Hill-Carrboro City Schools Email Hack and Rickroll Prank',
'type': 'Email Compromise'}