No Evidence Information Was Exposed in Centralia College Ransomware Attack 

Investigation Underway; Classes To Continue As Scheduled 


Investigators have so far found no evidence that any information from Centralia College’s local servers left the campus when the servers were victim to a ransomware attack Monday morning. 

But until a third party is finished investigating the ransomware attack and recovering the college’s data, all of Centralia College’s local servers will be unavailable to faculty and students. 

“Everything is just kind of shut down and on hold until we get more info from them,” Centralia College Relations Director Amanda Haines said. 

The ransomware attack was discovered after Centralia College faculty logged onto their desktop computers early Monday morning to find that their files “looked weird,” Haines said. 

Faculty members reported the phenomenon to campus IT staff, who investigated and discovered the attack sometime before 8 a.m. on Monday. 

All campus desktop computers and other devices that utilize the college’s local servers were immediately shut down when the attack was discovered, Haines said.

Those local servers house the college’s website and files that were saved to campus desktops, but the bulk of the college’s information was transferred to cloud systems in 2020. 

Centralia College was among a large group of Washington schools to shift their information to cloud-based systems in the last few years. Centralia College was included alongside five other schools in the fourth phase of the statewide shift to a network called ctcLink. That network was unaffected by the ransomware attack. 

“While the attack is clearly challenging and disruptive, we’re in a better place to combat it due to changes we implemented over the last two years,” Centralia College President Bob Mohrbacher said in a written statement. 

“We are doing everything we can to get through this as quickly and painlessly as possible, particularly for our current students,” he said. 

Students and staff can’t use the on-campus computers and both the campus Wi-Fi and are down, but staff and students can still access college phones, online classes, email and online accounts off-campus. 

Faculty and students are still able to communicate via email and through Canvas, an online learning platform. 

“Students are used to communicating with their instructors in that online space already. A lot of work has already been done there,” said Haines. 

All online and in-person classes are continuing as scheduled. 

In-person services at the main Centralia College campus and at CCEast in Morton are available, but may be limited.

“People are worried just because the course of work has been affected, but we’re lucky this happened now as opposed to two years ago,” said Haines. 

The college is working closely with the State Board for Community and Technical Colleges and leveraging all resources available to minimize the impact and duration of the outage, stated Centralia College in a news release. 

Ransomware is broadly defined as a malicious software designed to block access to a computer system until a sum of money is paid.

Additional information will be shared as it becomes available through the course of the investigation.