Campus Alert Archive
COD

Second Ransomware Strike in Two Years Knocks College of the Desert Offline for Nearly a Month

CAinfrastructure failureadvisorymedium confidence
Confirmed Threat

On July 5, 2022, College of the Desert in Palm Desert, California was struck by a ransomware attack that took down its website, phone systems, email, and most online student services for nearly a month. The attack -- the second in two years at the community college -- prompted an FBI investigation and engagement of a third-party cybersecurity firm. About 800 individuals ultimately had personal information potentially accessed without authorization, which was disclosed nearly nine months later in early March 2023.

Alerts
2
Response
Killed
0
Injured
0
Institution
College of the Desert
Community College · CA
~12,500 studentsCOD Emergency Alert
Confirmed Timeline

Alert Sequence

2 messages in sequence

Some alert texts below are approximate reconstructions from news coverage, not confirmed verbatim transcripts. Reconstructed texts are shown in italic with a dashed border. Verified verbatim texts have a solid border and are marked accordingly.

INITIAL ALERTWebsite
Approximate reconstruction428 chars
College of the Desert is experiencing a malware attack that has resulted in a system-wide outage of most online services. Our website, email, phone systems, and online student services are currently unavailable. Classes are not canceled. We have contacted the FBI and engaged a third-party cybersecurity firm to assist with our response. We will provide updates as soon as they are available. We apologize for the inconvenience.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

The confirmation that 'classes are not canceled' despite a near-total network outage was logistically challenging for a community college where many students depend on Canvas and email to access coursework.
COD's public information officer Nicholas Robles referred to it as a 'malware attack' rather than ransomware, a distinction the college maintained for weeks.
UPDATEWebsite
Approximate reconstruction439 chars
College of the Desert continues to work with cybersecurity experts and the FBI to restore our systems following the July 5 malware attack. Most online services remain unavailable. Students will not be dropped from classes due to non-payment of fees during the outage. Canvas, Adobe, and Microsoft Teams remain accessible via direct links outside the college's network. We expect full restoration of all online services in the coming weeks.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

The assurance that students would not be dropped for non-payment reflects how billing systems -- including payment portals -- were also taken offline by the attack.
The note that Canvas, Adobe, and Microsoft Teams were accessible via direct links suggests these cloud-hosted platforms survived because they were not on COD's internal network.
Context

Background

The July 5, 2022 ransomware attack was the second time College of the Desert had been struck by malware in two years. The first attack occurred in August 2020, when COD paid $1.1 million to regain access to its systems -- one of the largest ransomware payments by any community college in the US. The 2022 attack knocked out the college's website, email, landlines, and online student portal, serving roughly 12,500 students in the Coachella Valley. The Record from Recorded Future News reported that the attack wiped out email, the public website, and landline phone service simultaneously, leaving staff without basic communication tools. The FBI investigated, and COD hired a third-party cybersecurity firm to manage remediation. All online student services were not fully restored for nearly a month. In early March 2023, COD disclosed that the personal information of approximately 800 people may have been accessed without authorization during the July 2022 attack -- a nine-month gap between attack and notification that drew criticism from privacy advocates. A separate, smaller malware incident also struck COD in April 2023, underscoring persistent cybersecurity challenges at the institution.
Analysis

Key Findings

Second ransomware attack in two years at COD; the 2020 attack had cost the college $1.1 million in ransom.
Attack on July 5, 2022 took down website, email, phone, and online student services for nearly a month.
Canvas, Adobe, and Microsoft Teams remained accessible via cloud; billing systems were offline and student fee deadlines were suspended.
Data breach affecting approximately 800 individuals disclosed in March 2023, nine months after the attack.
FBI investigated; a third-party cybersecurity forensics firm managed remediation.
Outcome
COD worked with a third-party forensics firm and the FBI to restore systems over approximately four weeks. All online student services were restored by early August 2022. A data breach notification was issued in March 2023 for approximately 800 individuals whose personal information may have been accessed.
Provenance

Sources

  1. News
    Malware Attack Hits College of the Desert -- Inside Higher Ed
    insidehighered.com
  2. News
    Cyberattack knocks out California community college email, website, landlines -- The Record
    therecord.media
  3. News
    College of the Desert victimized once again by ransomware -- DataBreaches.net
    databreaches.net
  4. News
    COD data breach possibly compromised 800 people -- KESQ
    kesq.com
  5. News
    COD paid $1.1M to hackers in 2020 ransomware attack -- KESQ
    kesq.com
  6. News
    California College with 12,500 Students Knocked Offline -- SiliconAngle
    siliconangle.com
Tags
ransomwaremalwarecommunity-collegenetwork-outagedata-breachfbicaliforniacoachella-valley2022
Added May 2026Updated May 2026Via ingestion