Eanes Independent School District near Austin restored Wi-Fi after a weeklong outage this month, as a ransomware group later listed the district online, a claim the district has not confirmed.
A listing on the ransomware-tracking site Ransomware.live shows “Eanes ISD schools” posted as a purported victim by the Qilin ransomware group, with a discovery date of Dec. 22. The site provided no additional details about the claim.
Earlier in the month, The Featherduster, a student publication at Westlake High School, reported Eanes ISD lost Wi-Fi on Saturday, Dec. 6, and went nearly a full week without connectivity until service was restored Friday, Dec. 12. The report said tools including Skyward and Google Classroom were unavailable and staff used paper-based workarounds.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
The publication said administrators did not share the cause of the outage beyond describing it as “a cybersecurity situation,” and that service was restored as finals approached. Eanes ISD has not publicly linked the outage to ransomware or confirmed the Qilin listing.
The school board’s Dec. 9 meeting agenda listed possible closed-session items including deliberations on security devices or audits and student personally identifiable information, but it did not specify any connection to the outage.
A Reddit post included unverified claims that a parent email referenced a “cybersecurity incident.” Those accounts could not be independently confirmed. The district did not respond to a request for comment.
Eanes ISD serves about 7,700 students across nine campuses in the West Lake Hills area, including Westlake High School, according to the district.
The episode follows a pattern seen at other Texas districts where outages precede or coincide with leak-site claims that remain unconfirmed. Clarksville ISD, for example, reported a districtwide network disruption in late November, and a separate ransomware claim later appeared online without confirmation from officials.
