Spring Lake Park Schools, a district north of Minneapolis, canceled classes Monday after shutting down its systems following what officials described as a suspected ransomware incident.
The district said there would be no school Monday, April 13, after several technology systems went down and officials determined systems needed to safely operate schools were unavailable. Child care, community education programs and after-school activities also were canceled.
In a notice to families, the district said its technology team confirmed Sunday that an outside actor had gained access to some district systems. Staff then shut down all systems to prevent further access.
The district’s notices did not identify a specific threat actor, and no group had publicly claimed responsibility as of publication. The district did not respond to an email from DysruptionHub seeking additional details.
The district said it was working with third-party cybersecurity experts and law enforcement and expected to provide another update Monday.
Spring Lake Park Schools serves about 6,200 students from Spring Lake Park, Blaine and Fridley in the north Minneapolis-St. Paul metro, according to district profile information and federal district records.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
The closure follows other recent education-sector cyber disruptions in and beyond Minnesota. In March, Minnesota-based student software provider Infinite Campus said an unauthorized actor accessed an employee’s Salesforce account, prompting the company to disable certain customer-facing services. Other K-12 districts also have faced recent operational disruptions, including Hanover County Public Schools in Virginia, which continued instruction without technology while internet and multiple systems remained unavailable, and Bellflower Unified in California, where phone and network disruptions led to a third-party forensic review.
The district said it was working with third-party cybersecurity experts and law enforcement to restore essential systems and had not said by late Sunday whether any data was accessed or when classes might resume.
