Stride Identifies Ransomware
Cyberattack on Its Systems and Network
December 1, 2020
K12 Inc. to be Stride, Inc. effective
December 16, 2020 has detected unauthorized activity on its network, which has
since been confirmed as a criminal attack in the form of ransomware.
Upon identifying unusual system activity, we quickly initiated our response,
taking steps to contain the threat and lock down impacted systems, notifying
federal law enforcement authorities, and working with an industry-leading
third-party forensics team to investigate and assist with the incident.
Importantly, students at the schools we serve continue to learn. Based on our
investigation to date, the attack did not affect the Learning Management System
(LMS) that is used to deliver educational content to students and to host
student accounts no data on the LMS was compromised nor has the delivery of
services over the LMS been interrupted in any way. Our client schools charter
and district online schools are still open, operating, and secure, as they
have been since the start of the pandemic. Additionally, all major corporate
systems including payroll, accounting, enrollment, financial reporting,
procurement, and shipping have remained operational through this incident.
We do believe that the attacker accessed certain parts of our corporate
back-office systems, including some student and employee information on those
systems, but it will take further time to determine the scope of the information
We carry insurance, including cyber insurance, which we believe to be
commensurate with our size and the nature of our operations. We have already
worked with our cyber insurance provider to make a payment to the ransomware
attacker, as a proactive and preventive step to ensure that the information
obtained by the attacker from our systems will not be released on the Internet
or otherwise disclosed.
While there is always a risk that the threat actor will not adhere to negotiated
terms, based on the specific characteristics of the case, and the guidance we
have received about the attack and the threat actor, we believe the payment was
a reasonable measure to take in order to prevent misuse of any information the
Stride considers the security and integrity of our systems and network among our
top priorities, particularly considering the large shift this year to remote
learning and work due to COVID-19. While no company can ever eliminate the risk
of a cyberattack, we are working extensively with an industry-leading
third-party forensics firm to ensure that we are taking all appropriate steps to
prevent any incident like this from happening again.
addition, as part of our response to this incident, we have assembled a team of
advisors on data security compliance, including former United States Attorneys
and state Attorneys General with experience in handling criminal cyberattacks,
and other technical advisors. The team includes Catherine Hanaway, former US
Attorney for the Eastern District of Missouri; William Lockyer, former
California state Attorney General; and John Byron (J.B.) Van Hollen, former
Wisconsin state Attorney General and former US Attorney for the Western District
of Wisconsin. The team will assist in guiding our efforts in response to this
incident, including compliance with state and federal laws, continued
cooperation with law enforcement, and communications with outside parties
concerning the incident.
This investigation is active and ongoing and our systems are operating with
minimal impact. Based on the information currently known and our investigation
to date, we do not believe the incident will have a material impact on our
business, operations or financial results.