Minnesota Department of Education reports 95000 students data exposed in MOVEit caused breach

The Minnesota Department of Education is reporting a bersecurity attack, resulting in the unauthorized access of data belonging to over 95,000 students. The majority of these students are part of the state's foster care system.

The department was alerted to a potential vulnerability in their file transfer software, MOVEit, on May 31. On the same day, hackers breached 24 files containing sensitive information.

The compromised files included demographic details, such as names, dates of birth, and county of placement, for the 95,000 students in foster care across the state. Some include home addresses and parent/guardian names.

In addition, the attackers gained access to similar demographic data for 124 students eligible for Pandemic Electronic Benefits Transfer, 29 students enrolled in PSEO (Postsecondary Enrollment Options) classes at Hennepin Technical College, and five students who used a specific Minneapolis Public School bus route.

It is important to note that no financial information was obtained during the breach.

The Minnesota Department of Education is actively working to inform the affected individuals about the incident. They are collaborating with various agencies, including the FBI, Minnesota Bureau of Criminal Apprehension, and the Office of the Legislative Auditor, to investigate the cyberattack.

As a precautionary measure, the Minnesota Department of Education is urging anyone who may have been affected to take steps to safeguard their personal information, such as monitoring their credit reports.

The Minnesota Department of Education has established a data breach website to provide further information and resources for individuals seeking additional assistance or guidance in response to this incident.