New Mexico school district still offline from ransomware

Administrators, who have shut down systems as they resolve the issue, say they're "not exactly sure" when they'll be operational again.
(Taylor Vick / Unsplash)

All computers and internet servers across the Las Cruces Public School District in New Mexico were shut down last week in response to a ransomware attack. Administrators of the 39-school district confirmed Monday its servers will remain offline indefinitely.

“There are still a lot of questions about the ransomware attack at LCPS,” Karen Trujillo, LCPS interim superintendent, said in a tweet. “Please know that we are not the first district to be attacked and we won’t be the last.”

Trujillo confirmed in her tweet that no data was breached as a result of the attack and that school operations will proceed as normally as they can.

“Teaching, [individual education plans], and evaluations will continue daily,” she said. “We are here to serve our students. This is temporary and we will get through it together as a team. Be positive, be resourceful and connect with each other in a different way.”


The ransomware was discovered on district servers in the early morning of Oct. 29, after which district officials took to Facebook and informed parents and students that the district was experiencing “technical difficulties with internet and phone services” and was working quickly to resolve the issue.

However, district officials still do not know when school computers and internet serves will be running again.

“Our system is still down,” a spokesperson for LCPS told EdScoop. “We’re not exactly sure when it’s going to be back up and running.”

According to Trujillo, internal email has not been affected but staff is unable to send or receive email from outside the district. In light of this, teachers and administrators will use the communication platform Remind, and phones to keep parents informed.

“The IT department is working overtime to get everything up and running in a systematic way so that we get it right the first time,” Trujillo said.


As a precaution, New Mexico State University has blocked direct network access to LCPS as well as incoming IP addresses from the district, the Las Cruces Sun News reported. NMSU staff were also asked not to open any emails from LCPS accounts until IT issued an all clear.

The attack is just one in a string of recent ransomware attacks against public institutions from foreign actors seeking to collect bitcoin payments. According to StateScoop’s ransomware data, 23 school districts have been hit by ransomware since August.

Editor’s Note: This story was updated on Nov. 4, 2019 with additional information. 

Betsy Foresman

Written by Betsy Foresman

Betsy Foresman was an education reporter for EdScoop from 2018 through early 2021, where she wrote about the virtues and challenges of innovative technology solutions used in higher education and K-12 spaces. Foresman also covered local government IT for StateScoop, on occasion. Foresman graduated from Texas Christian University in 2018 — go Frogs! — with a BA in journalism and psychology. During her senior year, she worked as an intern at the Center for Strategic and International Studies in Washington, D.C., and moved back to the capital after completing her degree because, like Shrek, she feels most at home in the swamp. Foresman previously worked at Scoop News Group as an editorial fellow.

Latest Podcasts