Security News > 2022 > May > Ransomware attack exposes data of 500,000 Chicago students

The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December.

Yesterday, the Chicago Public School district disclosed that a December 1st ransomware attack on Battelle for Kids exposed the stored data of 495,448 students and 56,138 employees in its school system.

"Specifically, an unauthorized party gained access to your child's name, date of birth, gender, grade level, school, Chicago Public Schools student ID number, State Student ID number, information about the courses your student took, and scores from performance tasks used for teacher evaluations during school years 2015-2016, 2016-2017, 2017-2018 and/or 2018-2019," explains the CPS student data breach notification.

In April, Ohio school districts began issuing data breach notifications warning students and staff that their data was exposed in the ransomware attack on Battelle for Kids.

As part of the extortion process, ransomware gangs commonly provide proof that they stole data by sharing a list of all the stolen folders and sometimes sharing individual files as proof.

A similar but unrelated data breach was disclosed by the New York City Department of Education in March, where a vendor's cyber attack exposed the data of 820,000 students.

News URL

https://www.bleepingcomputer.com/news/security/ransomware-attack-exposes-data-of-500-000-chicago-students/