Minneapolis Public Schools reports ransomware caused data breach
Learn More
Minneapolis Public Schools have started reporting to individuals whose personal information may have been compromised during a cyberattack that occurred in February. Notification letters are expected to reach affected households within the next two weeks.
The incident, initially referred to as an "encryption event," was first detected on February 18 when the school district's computer systems became inaccessible. Subsequent investigation revealed that a hacker had gained unauthorized access to the systems between February 6 and February 18.
In March, a ransomware group claimed responsibility for the attack and demanded a $1 million ransom while posting a 51-minute video that included screenshots showcasing a wide range of data, including
- student names
- addresses
- potentially sensitive employee information.
The school district emphasized the importance of understanding the scope of the information accessed and collaborated with cybersecurity specialists on a comprehensive review of the affected computer systems to identify those affected.
No details are provided about the number of impacted individuals.
The process, which involved both automated and manual review, was time-intensive but crucial for ensuring accuracy and data integrity. The district is now offering free credit monitoring services to individuals impacted by the data breach and connecting others to support services for addressing mental or emotional responses related to the incident.
Additionally, the district is reviewing its policies and procedures, implementing enhanced security measures, and providing additional training to staff to mitigate the risk of future cybersecurity incidents.
