Nader Issa and Lauren FitzPatrick report: A massive data breach has exposed four years’ worth of records of almost 500,000 Chicago Public Schools students and nearly 60,000 employees, district officials told principals Friday. The attack targeted a company that has a no-bid contract with the district for teacher evaluations and involved basic student and staff…
Category: Education Sector
NYC Education Dept. will roll out its own online gradebook after security breach and data hack
Michael Elsen-Rooney reports: The New York City Education Department is planning to roll out its own online grading and attendance system to replace a widely-used platform that was hacked earlier this year, exposing the personal information of nearly one million students. The new system, developed by the agency’s IT team, will launch in beta form…
Washington Local School District in Toledo, Ohio hit by disruptive cyberattack
WTVG reports Washington Local School District in Toledo, Ohio has been hit by a cyberattack that has disrupted much of its communication avenues including phones, internet, email, wifi networks, and Google classroom. Read more at WTVG, although they are only in beginning stages of investigating and responding to the incident.
PA: Ransomware group claims to have hit Mercyhurst University
You may need to add Mercyhurst University in Pennsylvania to any list of post-secondary educational entities hit by ransomware. SuspectFile notes that the university has not confirmed any breach and LockBit has not posted any proof (yet?). But SuspectFile notes the irony that one month after one of the university’s four colleges participated in Cyber…
OH: Shaker Heights City School District discloses hacking incident
Shaker Heights City School District in Ohio has notified the Maine Attorney General’s Office and the Montana Attorney General’s Office of a data security incident. The incident was discovered on January 30, 2022, but the investigation revealed that it had begun as early as September 1, 2021. Data were exfiltrated as part of the incident….
MS: Vicksburg-Warren School District sends notifications for “Grief” ransomware incident in 2021
On May 12, 2022, Vicksburg-Warren School District in Mississippi issued a breach notification. Its explanation begins, “On or around May 28, 2021, VWSD detected unusual activity within its digital environment.” Investigation revealed that files with personal information “may have been accessed or acquired.” The “may have been” seems a bit vague given that threat actors calling…