MANASSAS PARK, Va. – The folks at Manassas Park City Schools just told Potomac Local News they were the target of a ransomware attack back in June—and some personal information might’ve been exposed.
The school division says it first learned of the incident on June 13, 2025, and quickly brought in IT staff and outside cybersecurity experts to investigate and secure its network. Hackers had reportedly accessed the system a day earlier and encrypted parts of it. While there’s no confirmation that anyone’s personal data was taken or misused, officials are alerting those who might be affected—just in case.
Data that could’ve been exposed includes names paired with Social Security numbers, passport info, or bank account details. The school system has since ramped up its security, brought in new monitoring tools, and contacted both the FBI and the Virginia Fusion Center.
If you think you might be affected or just want to double-check, Manassas Park City Schools is offering a toll-free help line. Details are below.
Here’s the full press release:
Data Incident Notification
The Manassas Park City Schools (“MPCS”) writes to notify you of a data security incident that may have impacted you. This notice is to inform you about the incident, our response, and steps you may take to protect against possible misuse of your personal information, should you feel it appropriate to do so.What Happened?
On or about June 13, 2025, MPCS became aware that it was the victim of a data incident. Immediately, MPCS’s management, IT and third-party cybersecurity experts were engaged to investigate the incident, secure personal information and protect MPCS’s network from compromise.To date, our investigation revealed that malicious actors gained access to MPCS’s network on or about June 12, 2025, and deployed ransomware to encrypt portions of the network. The malicious actors’ network access was terminated as soon as it was detected. There is no definitive evidence that your personal information was accessed at this time. However, because an unknown actor gained access to our network, we are providing this notice out of an abundance of caution. To date, we have not received any indication that your information was misused by an unauthorized individual.
What Information Was Involved?
It is possible that your full name or first initial and last name combined with your Social Security number, passport number or financial account information may have been seen or accessed. This information is called your personal information. It tells others about you and is a part of your identity.What We Are Doing.
We take the confidentiality, privacy, and security of information in our care seriously. Upon discovering the incident, information technology experts were immediately engaged and commenced an investigation to determine the nature and scope of the incident. Additionally, we have reported the attack to the Federal Bureau of Investigation (FBI) Cyber Division and the Virginia Fusion Center, and we are committed to fully supporting any law enforcement investigations. While the investigation remains ongoing, we are taking steps now to implement additional safeguards and review policies and procedures relating to data privacy and security.MPCS has implemented additional security measures designed to further protect the privacy of our students, staff and partners. Among other steps taken, we engaged a leading strategic service provider to monitor our cybersecurity systems, reviewed our system’s architecture, and implemented stronger policies to prevent future attacks.
What You Can Do.
We encourage you to remain vigilant against incidents of identity theft and fraud, to review your account statements, and to monitor your credit reports for suspicious activity. We also encourage you to review the “Steps You Can Take to Help Protect Your Information” posted below.For More Information.
We understand that you may have some questions about this incident that are not addressed in this letter. Should you have additional questions, please contact MPCS at 877-756-5552, toll-free Monday through Friday from 9 a.m. to 9 p.m. ET (excluding major U.S. holidays). Be prepared to provide the engagement number B149826 to help better assist you with your inquiry.We apologize for any inconvenience that may have arisen as a result of this incident and appreciate your understanding as we have worked to resolve this issue.
Sincerely,
Dr. Melissa Saunders
Superintendent
Subscribe to our FREE email newsletter to get local news you can trust.
https://www.potomaclocal.com/email-subscription/
