On November 4, external counsel for Kearsarge Regional School District in New Hampshire notified the New Hampshire Attorney General’s Office about a data security breach.
According to the notification, on August 27, the threat actor was able to access and possibly acquire a file containing information on 1,825 students enrolled in the district’s meal plan and 1,809 of their parents or guardians. The file included first and last name, address, phone number, date of birth, grade level, student’s state-issued identification number, the district-issued identification number, and their parent’s or guardian’s name and email address.
On October 20, parents or guardians were sent an email alerting them to the breach.