On June 17, 2024, the Alabama State Department of Education (ALSDE) detected some malicious activity when their tech staff noticed someone was stealing personal data from their system. The agency quickly secured the whole system to stop the hackers from gaining full access and locking them out. Subsequently, they notified federal and state law enforcement about the data breach. In a press conference, Dr. Eric Mackey, State Superintendent of Education in Alabama, said, “We are not going to negotiate with foreign actors or extortionists. And we’ve made that very clear. The FBI has made it clear that they never recommend negotiating with these foreign extortionists and we will not be doing that.” Furthermore, Mackey said, “Things like direct deposit information, we obviously don’t keep that at State Department of Education. But there would be some Personally Identifiable Information (PII) that we have on students and teachers that might have been compromised.

The Alabama State Department of Education in Montgomery, Alabama is responsible for overseeing public education in the state. It serves as the primary educational authority for the state, providing leadership, guidance, and support to local school districts and educational institutions. The ALSDE is responsible for developing and implementing policies, standards, and curriculum, and provides funding and resources to schools. Additionally, it strives to guarantee equal access to quality education for all students in the state.

This is an ongoing criminal investigation, and the department is working with the Alabama Attorney General’s office, the Alabama Office of Information Technology, federal and state law enforcement, and an independent contractor known for its expertise in anti-hacking technologies. “All of our data are all back up and running. We were able to restore every server using backups that we had. We know that those are clean backups, and they have all been checked to make sure that there’s no extraneous code that could be used against us in the future. We are able to say that our services have been restored. Additional cyber security protocols have been deployed,” Mackey said.