Search
Tuesday, December 06, 2022

Data breach of half a million Chicago students, employees

CHICAGO ( Associated Press) — The personal information of more than half a million students and employees of Chicago Public Schools was compromised in ransomware. Officials said the attack took place last December, but the seller did not report it to the district until last month.

The data breach happened on December 1 and technology vendor Battle for Kids notified CPS on April 26, the district said on Friday. CPS said a server used to store student and staff information had been breached and four years’ worth of records had been accessed.

The CPS said a total of 495,448 students and 56,138 staff records were observed in the school from 2015-16 to 2018-2019. The data included student names, schools, dates of birth, gender, CPS identification numbers, state student identification numbers, class schedule information and scores on course-specific assessments used for teacher assessment.

Accessed employee data for those years included names, employee identification numbers, school and curriculum information, and email and usernames.

CPS said the breached server did not store any other records.

The district said, “There was no Social Security number, no financial information, no health data, no current curriculum or schedule information, no home address and no course grades, standardized test scores or teacher evaluations.” Scores were not exposed in this incident.” Statement.

The CPS said there was no evidence that the data was misused, posted or distributed, but offered affected families a year for credit monitoring and identity theft protection.

CPS representatives said that the district has been Notifying affected families and employees And will also notify those whose records were not accessed “to give them peace of mind”.

Both the FBI and the Department of Homeland Security investigated the breach and the vendor is “monitoring and will continue to monitor the Internet in the event the data is posted or distributed,” CPS said.

Battle for Children was appointed to help district leaders conduct CPS’ Reach Teacher Evaluation Program. Those evaluations take into account the increase in the academic performance of the students each year.

CPS said it was informed of the breach by Battle for Children through a letter mailed on April 26, but “did not have specific information about which students were affected, nor does CPS know.” It was reported that till May 11, the information of the staff had also been compromised.”

CPS said that because its contract with the seller states that it must immediately notify the district of any data breach, it will “address delay notification and other issues in handling data with Battle for Kids.” Used to be.”

Battle for Kids said in a statement to the Chicago Sun-Times on Friday That the company “immediately appointed a national cyber security firm to assess the scope of the incident and take steps to mitigate the potential impact.”

The company said it has since put in place robust security protocols, but did not respond as to why it did not report the breach to CPS while the evaluation was underway.

As the Chicago Sun-Times reports, CPS has had a relationship with Battle for Kids since 2012. The most recent contract was signed in January — a month after the breach — and should top out at about $90,000 for a year ending January 31, 2023.

Between 2012 and 2020, the Board of Education paid $1.4 million to the Ohio-based company, the Sun-Times cited an online database of CPS vendor payments.

Nation World News is the fastest emerging news website covering all the latest news, world’s top stories, science news entertainment sports cricket’s latest discoveries, new technology gadgets, politics news, and more.

Latest News

Related Stories