The U.S. Department of Homeland Security is investigating a cybersecurity breach at Moscow School District 281, Superintendent Shawn Tiegs said. The inquiry follows an “intrusion” into the district’s internal network last week, according to the Lewiston Tribune. Classes remain in session in Moscow, Idaho, though some operations are disrupted as systems are restored and forensic work continues. Officials have not said how the attack occurred, whether data were accessed, or if ransomware is involved. The district serves more than 2,000 students across five schools.
DHS commonly supports K-12 incident response through the Cybersecurity and Infrastructure Security Agency, which urges schools to use multifactor authentication, segment networks and improve logging. It is not clear whether the ongoing federal lapse in appropriations is affecting CISA’s ability to assist the district. Moscow School District appeared on Idaho’s data-breach notification list in January 2025 in connection with the statewide PowerSchool incident.
