Significant Network Security Breach on Butler Tech Systems

UPDATE – Monday, Feb. 26, 2017

As result of last week’s security breach, some users may receive Spoof Emails that appear to be coming from Butler Tech accounts. The emails contain links that will infect computers if clicked. DO NOT CLICK THESE LINKS and delete the emails. The body of the message indicate a past due invoice or someone is awaiting payment. Again, do not click any links in these emails.

Common subject lines may include:

  • Paid Invoice & Credit Card Receipt
  • Invoice
  • Invoice for you
  • Question
  • Hi

ORIGINAL POST – Friday, Feb. 23, 2018

A significant network security breach has been detected that is impacting computers on Butler Tech’s computer network. A previously unidentified form of malware has been detected that is spreading to computers on Butler Tech campuses. The district’s information technology department is instructing all users to SHUT DOWN COMPUTERS while technology staff work to contain the infection. Users should not log on until they have been notified that the issue has been resolved.

The malware appears to seek out user account and password information in an attempt to access financial institutions. Efforts to access district financial accounts appears to have been unsuccessful due to the vigilance and extensive training of district financial and information technology staff.

The district is working with state and federal authorities to identify the source of the malware. Because it is a new form of malware, it was initially not detected by the district’s anti-virus and anti-malware screening systems.

The district is currently working to reimage its computers, which effectively stops the malware. In addition to shutting down computers, students and staff are being instructed not to connect to the Butler Tech network using their own personal devices or login to any personal accounts. Students have been instructed to leave their district-issued laptops at school so they can be serviced.

As a precaution, students and staff who may have logged in to personal accounts using a district computer during the past week are urged to immediately update their user name and / or password to proactively protect their accounts. There has been no evidence that any personal accounts have been compromised.