Monday, December 05, 2022

Data breach of half a million Chicago students, employees

Chicago, May 21 ( Associated Press) The personal information of more than half a million Chicago public school students and staff was affected in a ransomware attack last December, but the vendor didn’t report it to the district until last month, officials said. .

The data breach happened on December 1 and technology vendor Battle for Kids notified CPS on April 26, the district said on Friday.

CPS said a server used to store student and staff information had been breached and four years’ worth of records had been accessed.

The CPS said a total of 495,448 students and 56,138 staff records were observed in the school from 2015-16 to 2018-2019.

The data included student names, schools, dates of birth, gender, CPS identification numbers, state student identification numbers, class schedule information and scores on course-specific assessments used for teacher assessment.

Accessed employee data for those years included names, employee identification numbers, school and curriculum information, and email and usernames.

CPS said the breached server did not store any other records.

The district said, “There was no Social Security number, no financial information, no health data, no current curriculum or schedule information, no home address and no course grades, standardized test scores or teacher evaluations.” Scores were not exposed in this incident.” Statement.

The CPS said there was no evidence that the data was misused, posted or distributed, but offered affected families a year for credit monitoring and identity theft protection.

CPS representatives said the district is notifying affected families and employees and will also inform those who did not have access to their records “to give them peace of mind.” Both the FBI and the Department of Homeland Security investigated the breach and the vendor is “monitoring and will continue to monitor the Internet in the event the data is posted or distributed,” CPS said.

Battle for Children was appointed to help district leaders conduct CPS’ Reach Teacher Evaluation Program.

Those evaluations take into account the increase in the academic performance of the students each year.

CPS said it was informed of the breach by Battle for Children through a letter mailed on April 26, but “did not have specific information about which students were affected, nor does CPS know.” It was reported that till May 11, the information of the staff had also been compromised.” CPS said that because its contract with the seller states that it must immediately notify the district of any data breach, it will “address delay notification and other issues in handling data with Battle for Kids.” Used to be.” Battle for Kids said in one on Friday. The statement provided to the Chicago Sun-Times said the company “immediately engaged a national cyber security firm to assess the scope of the incident and take steps to minimize the potential impact.” The company said it has since put in place robust security protocols, but did not respond as to why it did not report the breach to CPS while the evaluation was underway.

As the Chicago Sun-Times reports, CPS has had a relationship with Battle for Kids since 2012. The most recent contract was signed in January – a month after the breach – and is expected to top out at around USD 90,000 for a year ending January 31, 2023.

Between 2012 and 2020, the Board of Education paid USD 1.4 million to the Ohio-based company, the Sun-Times reported, citing an online database of CPS vendor payments. ( Associated Press) RUP

Nation World News is the fastest emerging news website covering all the latest news, world’s top stories, science news entertainment sports cricket’s latest discoveries, new technology gadgets, politics news, and more.

Latest News

Related Stories