Penn-Harris-Madison (PHM) School Corporation in Mishawaka was targeted by a ransomware attack, leading to a network breach detected on a Monday morning. As a precautionary measure, the district shut down all network-connected desktop computers, though Chromebooks, laptops, mobile devices, and cloud-based applications remained operational. The attack’s scope is still under investigation by cybersecurity experts, with no confirmation yet on whether data was compromised. The incident disrupted administrative and educational operations, forcing reliance on alternative devices and systems. The district emphasized that the breach was limited to the network, but the potential exposure of sensitive data—such as student, staff, or financial records—remains unclear. Recovery efforts and forensic analysis are ongoing, with no immediate details on ransom demands or data exfiltration. The attack highlights vulnerabilities in school district cybersecurity, raising concerns about operational continuity and data protection.
TPRM report: https://www.rankiteo.com/company/penn-harris-madison-school-corporation
"id": "pen3132231090825",
"linkid": "penn-harris-madison-school-corporation",
"type": "Ransomware",
"date": "3/2025",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'education (K-12)',
'location': 'Mishawaka, Indiana, USA',
'name': 'Penn-Harris-Madison School Corporation',
'type': 'public school district'}],
'customer_advisories': ['Chromebooks/laptops, cell phones/tablets, and '
'cloud-based applications remain safe to use'],
'date_detected': '2023-11-13T00:00:00Z',
'date_publicly_disclosed': '2023-11-13T00:00:00Z',
'description': 'Penn-Harris-Madison (PHM) schools were targeted by a '
'ransomware attack, resulting in a network breach. As a '
'precaution, all network-connected desktop computers were shut '
'down, while Chromebooks, laptops, cell phones, tablets, Wi-Fi '
'devices, and internet/cloud-based applications remained '
'operational. The district is investigating with cybersecurity '
'experts, and it is unclear whether any data was compromised.',
'impact': {'downtime': {'network-connected_desktops': 'ongoing (as of '
'disclosure)'},
'operational_impact': 'Partial disruption (desktops offline; '
'Chromebooks/laptops/tablets/cloud services '
'operational)',
'systems_affected': ['network-connected desktop computers']},
'investigation_status': 'ongoing (with cybersecurity experts)',
'references': [{'date_accessed': '2023-11-13',
'source': 'South Bend Tribune'}],
'response': {'communication_strategy': ['email notification to parents'],
'containment_measures': ['shut down all network-connected '
'desktop computers'],
'incident_response_plan_activated': True,
'third_party_assistance': ['cybersecurity experts '
'(unspecified)']},
'stakeholder_advisories': ['email to parents'],
'title': 'Penn-Harris-Madison Schools Ransomware Attack',
'type': ['ransomware', 'network breach']}