SOUTH LYON, Mich. – The South Lyon Community School District is set to resume classes on Thursday morning, after schools were closed for three days due to a cybersecurity issue.
The district announced that classes would resume in a Facebook post and an email to parents from South Lyon Superintendent Steve Archibald.
“Good afternoon SLCS Community,
All South Lyon Community Schools will be OPEN tomorrow, Thursday, September 18th. While our investigation remains ongoing, we have made significant progress restoring systems. We appreciate everyone’s patience as we anticipate some continued disruption to certain functionality.”
Email sent out by South Lyon Community Schools Superintendent Steve Archibald
The cyber incident happened on Sunday (Sept. 14), causing a three-day closure for schools due to network issues.
District leaders previously said that they were unable to access network systems or phones due to an interruption.
They also stated that the district was collaborating with external cybersecurity experts to conduct an investigation.
In addition, the district confirmed that students’ personal information was not compromised.
Cyber attacks of schools becoming more common
Cyber attacks on schools, like the one that hit South Lyon, have become much more common over the last decade.
A stunning 82 percent of K-12 schools experienced a cyber incident between July 2023 and December 2024, according to the nonprofit Center for Internet Security.
Those attacks include ransomware attacks, phishing scams, data breaches, and malware.
“Never assume that you’re too small or too insignificant to fall victim to these attackers,” Matt Loria, the CEO of Auxiom, said.
Auxiom is based in Rochester and provides IT and cybersecurity services to a wide range of clients, including businesses, municipal organizations, and schools.
“They’re casting a wide net,” he said. “They’re leveraging AI tools to find the weak links, and that’s how they’re attacking, that’s how they’re getting in.”
“The cost of these breaches, attacks, and incidents can be quite tremendous,” Auxiom added. “The cost of prevention is far less than the cost of the actual incident when it happens.”
In the case of schools, Auxiom advises that school devices, particularly those handling sensitive data, be kept separate from public devices that could be accessed by students or outsiders.
It doesn’t take much of an opening for the bad guys to crash your system.
“You don’t have to be General Motors; you don’t have to be a big hospital system; you don’t have to be the South Lyon schools,” Auxiom said. “You can be much smaller than that and still fall victim to this.”