East Multnomah County’s Centennial district struggles through two weeks with hacked computers

By Rob Manning (OPB) and Sage Van Wing (OPB)
May 7, 2021 11:46 p.m.

School districts have been hacked before. But during a pandemic, with so much instruction and communication online, it’s even worse right now.

There’s never a good time to have your computer hacked. But trying to run computer-based online learning classes during a global pandemic is probably about the worst time imaginable for a school district to deal with an “unknown actor” seizing control of its computer files.


Since the COVID-19 pandemic shut down school buildings across Oregon in March 2020, districts began running computer-based “comprehensive distance learning” for hundreds of thousands of students. Even as Gov. Kate Brown ordered schools to reopen in March 2021, most students in the state have continued to receive at least some of their instruction online.

But not in the Centennial School District in east Multnomah County — or not lately, at least.

Centennial officials realized their computers had been infiltrated on Monday, April 26, when information technology staff noticed a file had been encrypted by someone outside the district. They responded by shutting down every system they could.

That disruption of financial, communication and other administrative systems would be challenging for any big organization in the 21st century. For a school district running classes during the pandemic, it also means disabling a means of providing instruction.


Spokesperson Carol Fenstermacher acknowledged that Centennial isn’t the first district to get hacked. But she said schools that dealt with this in the past were doing regular, in-person instruction.

“That isn’t the situation that we’re in right now, with this hybrid learning situation,” Fenstermacher told OPB’s Think Out Loud Friday. “Students were in classes for just a couple hours, a couple days a week, and the rest of the time, online. We haven’t been able to have them online for two weeks.”

Fenstermacher said the district is relying on paper packets for student work and personal devices for district business.

“It’s very old school right now,” Fenstermacher said. She said teachers have been relying on phone numbers they have for student families, and staff have been learning each others’ personal email addresses.

Fenstermacher said there’s no sign sensitive personal information or financial data has been compromised. She said private student information is stored at the Multnomah Education Service District, and payroll information is in the hands of a third-party vendor.

Three years ago, the Roseburg Public Schools suffered a similar ransomware attack and paid a ransom. Fenstermacher said that could be a possibility for Centennial, though she didn’t offer any details about a ransom demand.

Fenstermacher said the district has contracted with a cybersecurity firm, which is still digging through systems to find out what’s been compromised. She’s been told that some data is likely to be missing as systems come back online.

“We’re still at the stage of ‘We don’t know what we don’t know,” Fenstermacher said.