Howard University will resume in-person classes on Wednesday, but online and hybrid classes will remain suspended and the campus will largely stay closed in the wake of a ransomware attack on the university’s computer network over the long weekend.

The update on the university’s operating status came on Tuesday afternoon, the day that all classes were cancelled and the campus shuttered to all but essential employees after the attack, which impacted university computers and WiFi on campus.

In a statement posted on the university’s website on Monday evening, Howard vice president Tashni-Ann Dubroy and provost Anthony K. Wutoh said that university employees detected unusual activity on the network on Friday, prompting them to shut it down “to mitigate potential criminal activity.” The shutdown continued over the weekend, impacting campus computers, WiFi, and cloud-based storage and apps.

“[R]emediation, after an incident of this kind, is a long haul — not an overnight solution,” said the university in its statement. “We are currently working with leading external forensic experts and law enforcement to fully investigate the incident and the impact. To date, there has been no evidence of personal information being accessed or exfiltrated; however, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed.”

On Tuesday afternoon, Dubroy and Wutoh said the investigation into what happened would continue into Wednesday. They also said an alternative WiFi network would be deployed on campus, but that it would not be ready by Wednesday. And while in-person classes would resume, “course lecture content requiring internet access on campus may not be available.”

Ransomware attacks — where hackers steal or block access to critical information and demand payment to return it — have been on the rise in recent years, targeting businesses, academic institutions, and governments. In Sept. 2020, confidential information about staff and students was published on the dark web after Fairfax County Public Schools was targeted in a ransomware attack. And earlier this year foreign hackers stole 250 gigabytes of files and data from the Metropolitan Police Department, making most of the trove public after negotiations between the city and the hackers failed.

The ransomware attack comes only two weeks after Howard welcomed back thousands of students for in-person classes. In their statement, Dubroy and Wutoh said they would provide daily updates on the status of the investigation into the attack.

“This is a moment in time for our campus when IT security will be at its tightest,” they said. “We recognize that there has to be a balance between access and security; but at this point in time, the university’s response will be from a position of heightened security.”