Campus Alert Archive
Truman State

Ransomware Shuts Down Truman State Network for a Week: FBI and DHS Called In as Campus Goes Dark

MOotheradvisorymedium confidence
Confirmed Threat

On April 21, 2023, Truman State ITS discovered a ransomware attack on the university network. All Truman-issued Windows devices and services were powered down. FBI field offices in Kirksville, Kansas City, and St. Louis, plus DHS, were called in. Online classes were cancelled Monday. Network services were restored over the week, with email returning on April 28. The university did not pay a ransom.

Alerts
2
Response
Killed
Injured
Institution
Truman State University
Public Bachelors · MO
~4,600 students
Confirmed Timeline

Alert Sequence

2 messages in sequence

Some alert texts below are approximate reconstructions from news coverage, not confirmed verbatim transcripts. Reconstructed texts are shown in italic with a dashed border. Verified verbatim texts have a solid border and are marked accordingly.

INITIAL ALERTmulti-channel
Approximate reconstructionReconstructed from Truman ID Info page, KTVO, and KBIA reporting263 chars
TRUMAN ALERT: A cybersecurity virus attack has been detected on the university network. All Truman-issued Windows devices and services are being powered down as a precaution. The campus network may be intermittently unavailable. Law enforcement has been notified.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

ITS discovered the malware on the morning of Friday, April 21, 2023
All Windows-based devices and services were immediately powered down to prevent spread
The campus network was taken offline, effectively cutting off all digital communications
UPDATEEmail
Approximate reconstruction264 chars
TRUMAN UPDATE: Online classes are cancelled for Monday, April 24. ITS is working with FBI and DHS on solutions. In-person classes continue as scheduled. Preliminary assessments of campus workstations are underway. Updates will be provided as services are restored.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Online classes were cancelled for Monday April 24 while ITS assessed workstations
ITS worked with FBI field offices in Kirksville, Kansas City, and St. Louis, plus DHS
In-person classes continued, meaning the physical campus operated while the digital campus was offline
Context

Background

On April 21, 2023, Truman State University ITS discovered a ransomware attack on the university network in Kirksville, Missouri. All Truman-issued Windows devices were powered down immediately to prevent spread. The Record reported that ITS worked with FBI field offices in Kirksville, Kansas City, and St. Louis, as well as the Department of Homeland Security. KBIA reported that online classes were cancelled for Monday, April 24. Network services began restoring on April 25, with email service restored on April 28. The university's official Cyber Security Virus Attack page confirmed the university did not pay a ransom, and that no personally identifiable information from enterprise systems was believed to have been accessed. The weeklong disruption illustrates how cyberattacks can paralyze campus operations even without a physical threat.
Analysis

Key Findings

The university refused to pay the ransom while still restoring services within a week — a relatively fast recovery for a ransomware attack
FBI from three field offices plus DHS were involved, reflecting the federal seriousness of university ransomware attacks
Cyberattacks represent a growing but underreported category of campus emergencies that can affect every aspect of university operations
Outcome
ITS restored services over one week. The university did not pay a ransom. FBI and DHS assisted. No personally identifiable information from enterprise systems is believed to have been accessed.
Provenance

Sources

  1. Official
    Truman Networks Restored After Cyberattack (Truman Today)
    newsletter.truman.edu
  2. News
    Cybersecurity virus attack targets Truman State campus network (KTVO)
    ktvo.com
  3. national media
    Truman State University slowly recovering from cyberattack (The Record)
    therecord.media
  4. News
    Truman State works to restore services after cyberattack (KBIA)
    kbia.org
  5. Official
    Cyber Security Virus Attack (Truman ID Info)
    idinfo.truman.edu
Tags
cyberattackransomwaremissourifbidhsnetwork-shutdownweek-long-disruptionno-ransom-paidpublic-liberal-arts
Added April 2026Updated May 2026Via ingestion