This webpage provides information on the network security Incident that occurred in Providence Public School District (PPSD) during September 2024. We understand the concern this matter has caused for our families and staff. Throughout this situation, we have worked closely with cybersecurity experts and law enforcement to ensure our continued security while keeping our community informed as information has become available. As has been detailed in national reports, these types of incidents impacting school communities have increased across the country in recent years and are incredibly sensitive. As previously shared, when PPSD became aware of potential unauthorized access by an unknown actor, we shared that certain data impacted might include personal information. 

What happened? 

On September 11, 2024, the district was alerted of the detection of irregular activity on its IT network. IT staff followed security protocols and worked to isolate the activity and shut down the network. PPSD also alerted law enforcement and other authorities of the situation, and engaged third party experts to begin conducting a forensic analysis of the network.

As the restoration of the network and an analysis on what had occurred was underway, PPSD was alerted that an unverified, anonymous group was claiming to possess PPSD files. While PPSD was not able to verify the claims that this group did in fact possess authentic files, the group posted a list of filenames that they purported to have. Those unverified files appear to include documents saved by individual employees to the PPSD shared drive as well as departmental files maintained on internal PPSD servers. After a review of the filenames, PPSD became concerned that certain files listed by the group could potentially include personally identifiable information of employees and some former employees and issued additional communication to the school community on September 25. 

What information was potentially involved?

While we have not been able to confirm what files are in fact in the possession of this anonymous group, we are operating as if this group possesses that information. Based on the investigation so far, we have learned that information may have been accessed by an unauthorized actor between August 30 and September 11, 2024 and that the information could include names, addresses, and social security numbers of employees. The number of individuals potentially impacted includes 12,000 current and former employees.

What is PPSD doing to address the issue?

PPSD takes information security very seriously. After detecting unusual activity, we took immediate steps to identify and contain the intrusion, and we reported the matter to law enforcement. We have been working with outside cybersecurity experts and have implemented specific steps to safeguard against potential unauthorized access. We are also evaluating additional measures to further enhance our protocols for the protection of your personal information and accounts.

What is PPSD doing to help affected individuals?

PPSD has contracted with a third party credit monitoring company. To assist staff in protecting themselves against identity theft, we have arranged to make available to them five years of identity theft resolution services at no charge. Staff must register for the service before the December 16, 2024 deadline.

Has student information been accessed?

Although the District has always maintained safeguards, including a protected, monitored, and encrypted server, the officials leading the ongoing PPSD investigation have verified that student and staff personal information was accessed by the outside group.

It should be noted that PPSD's student information system and the family communication system are stored on external, cloud-based servers that were not impacted. 

Were student IEPs affected?

At this time, we are still reviewing student files that were identified. In general, all students IEPs are stored in a third-party, external server. 

What student information or files could have been accessed?

Please know the analysis is ongoing and if that analysis determines that the information of an individual is compromised, they will be notified.

What can you do to safeguard your information?

As always, we recommend you to be on the alert for suspicious activity related to your financial accounts and credit reports. We encourage you to regularly monitor your statements and records to ensure there are no transactions or other activities that you did not initiate or authorize. You should report any suspicious activity to the appropriate service provider. More information can be found below. 

How will PPSD safeguard unauthorized access in the future?

We have implemented additional safeguards to prevent unauthorized access in the future and are evaluating additional measures to further strengthen the security of the network. In the coming months, there will be cybersecurity training for all District staff and students. We acknowledge the seriousness of this incident. An incident like the one we experienced is deeply concerning. Our commitment is to communicate responsibly, and we assure you that we are actively addressing the situation.

What if I have more questions?

For employees and former employees with questions about credit monitoring: If you have further questions in regard to this matter, our dedicated call center can be reached beginning at 1-800-331-3865, Monday-Friday between 8:00 a.m. to 7:00 p.m. Eastern, Saturdays 9:30 a.m. to 6:00 p.m.

For former and current employees requesting their activation code: contact incidentsupport@ppsd.org 

For general questions: contact incidentsupport@ppsd.org