Finalsite hit by ransomware, shuts down 5,000 school websites

Finalsite, a provider of website design, hosting, and content management solutions for school districts, suffered a ransomware attack that impacted 5,000 out of its 8,000 global customers. The incident caused widespread disruptions, with affected websites becoming inaccessible or displaying errors.

Initially attributed to "performance difficulties," Finalsite later confirmed that ransomware was the root cause. The ransomware presence was identified on Tuesday, January 4, 2024.Approximately 5,000 school websites were taken offline. Schools in Kansas City, Illinois, and Missouri were notably affected.

Finalsite worked to contained the attack, with third-party forensic specialists assisting in the investigation.

They rebuilt its systems in a clean environment. Most front-facing websites are back online, though some sites still experience issues such as missing styling, admin login functionality, calendar events, or constituent directories

The company claims it has no evidence that any data was exfiltrated but continues to work with forensic specialists to complete an investigation.