Security Firm Investigating Malware Attack at Long Beach City College

Long Beach City College is awaiting the results of a report by an outside security firm hired to  investigate how a malware attack was able to infiltrate multiple computer systems on campus, which  prevented employees and students from accessing emails or enrolling for classes for nearly a month.

LBCC officials said the cyber-security incident was discovered Tuesday, April 10. The unidentified malicious software impacted employee computers as well as email, phone and student systems.

“Some employee files were encrypted [by the malware] and therefore are unrecoverable,” LBCC spokeswoman Stacey Toda told the Post in an email. “However, there is no indication at this time that any personal student or employee data was stolen.”

The LBCC student newspaper Viking News reported that one professor’s computer system was completely wiped, causing him to lose his files. 

Computers in classrooms and laboratories were not affected and classes took places as regularly scheduled, school officials said, but Viking News reported that the malware prevented professors from accessing their work or grades, causing them to cancel class and put a hold on work.

The incident did force LBCC to extend some deadlines, including for summer session enrollment, which was pushed back to a May 7 deadline instead of April 23.

Students were finally able to access the Viking Student System, a portal to check grades and financial aid as well as other services, by April 27. Most systems related to LBCC faculty and staff have been brought back online, as well.

College officials said there is no evidence at this time that any personal data was stolen and confirmed no ransom was demanded.

The systems have been restored by LBCC’s Instructional and Information Technology Services team, which has also been working with the cyber forensics team investigating the incident.

For a complete list of the statuses of the affected LBCC systems click here

Editor’s note: a previous version of this story stated that some LBCC staff with enrolled in direct deposit were given paper checks during the cyber-security incident. In fact, school officials were beginning to take steps to issue paper checks but were able to work around the issue in time for mid-month direct deposit, according to Toda.

Support our journalism.

Hyperlocal news is an essential force in our democracy, but it costs money to keep an organization like this one alive, and we can’t rely on advertiser support alone. That’s why we’re asking readers like you to support our independent, fact-based journalism. We know you like it—that’s why you’re here. Help us keep hyperlocal news alive in Long Beach.