COLLEGE PLACE — Walla Walla University officials are investigating a campus-wide cyber attack that crashed online networks and phone lines this fall-finals week.
School officials today referred to the hacking, discovered Monday, as a ransomware incident but did not confirm a monetary ransom was demanded.
WWU’s email system is working once again, but a person answering a general contact phone on the campus said all other office phones have not been restored as of this morning.
On Twitter, one person identifying as Sonia Barreraa posted Tuesday that “apparently” someone hacked the school’s system and had demanded a ransom.
“…obviously our school didn’t pay, so all the servers are crashed, nothing is working which means all my deadlines today will be pushed till tomorrow,” the tweet said.
“It’s a Christmas miracle.”
Alerts sent to the campus cellphone tree Monday advised students not to log in to desktop or classroom computers and to unplug those from school networks.
“Do not try to connect it back to the WWU internet,” the message said.
Messages to staff noted login information had been compromised and passwords were no longer operational.
Through the school’s campus-wide phone alert system, students were told to work directly with professors about assignments and tests.
According to the alert system, all WWU email accounts were locked at 1 p.m. Monday and were to be restored on Tuesday. Students were required to present identification to the school’s information technology office in person to begin using school email accounts again.
Electronic time cards for staff were also affected; paper time cards had to be turned in, according to the alert system’s messages.
In an emailed official statement to the Union-Bulletin’s query about the incident, WWU spokeswoman Kim Strobel said the school is using the services of a forensics firm and working to secure the affected computer system and get it back online.
“Our academic administration worked with our professors to ensure the quarter was successfully completed,” she wrote.
In a statement, unidentified school officials said the university has been targeted by a ransomware incident and that access to some school systems is expected to remain limited through the end of the quarter, wrapping up this week.
“We understand the importance of protecting the information of our students, parents, employees, alumni and donors. As we work to complete the investigation of this incident, we will also look for opportunities to further enhance our existing security measures,” the statement said.
WWU President John McVay conveyed through the school’s emailed statement that although the incident was disruptive, he is proud of how students, faculty and staff pulled together to complete fall quarter as scheduled.
McVay said they are working to restore university systems, and he expects classes to resume as normal on Jan. 6.
“All organizations, including universities are facing rapidly changing cybersecurity risks in this digital age,” he said in the prepared statement.
“However, we look at the recent incident’s effect on our own campus as an opportunity to affirm our commitment to security.”