Cyberattack Disrupts Georgia’s Coweta County School System, Classes Continue

The Coweta County School System, based in Newnan, Georgia, and serving the entire county, experienced a cyberattack on its internal network around 7 p.m. on Friday, May 2, 2025. The incident is under investigation by federal, state, and local authorities, including the Georgia Emergency Management Authority and Homeland Security. In response, internal systems were taken offline and employees were instructed not to use desktop computers. Despite the disruption, school operations remain uninterrupted, with Advanced Placement and Georgia Milestones testing continuing as scheduled. Access to the school’s internal network remains restricted during the ongoing investigation.

Student Chromebooks, Wi-Fi, and phone services remain unaffected. At this stage, officials report no evidence that student or employee personal data was compromised. However, this type of early reassurance is common in such incidents, and data often surfaces later on the dark web as part of double extortion tactics employed by ransomware groups. While the school system has not disclosed the specific nature of the attack, the operational disruptions and incident response measures follow a pattern consistent with ransomware activity observed in similar school district incidents.

The attack comes amid a wave of cyber incidents targeting Georgia institutions and public school systems across the country. Bartow County Schools recently experienced a multi-day internet outage following a cyber event, and Marietta City Schools were struck by a ransomware attack in late 2024. Nationally, school districts in Oklahoma, North Carolina, and Texas have also suffered recent breaches that disrupted standardized testing, communications, or access to internal systems. These incidents underscore growing cybersecurity vulnerabilities in the K–12 education sector, where many districts operate with limited IT and threat detection resources.