Cyberattacks are a growing threat to schools, and with so many devices in use by staff and students, clicking on a malware link is almost unavoidable.
The Minneapolis public school is one of the schools that has fallen victim to cyberattacks on the school’s website. Following the hackers’ “encryption event” on Minneapolis public schools, they demanded a $1 million ransom.
After the ransom payment deadline passed, the hackers went to the dark web, a website dedicated to criminal activity, and posted more Minneapolis public school data.
How the Minneapolis Public Schools Data Got Hacked
The Minneapolis district has yet to provide a complete account of how the breach occurred, but on February 21, the Minneapolis public schools issued a statement. They reported technical difficulties in the statement.
They were having technical difficulties with some of their computer systems, which were eventually disabled. They assumed it was due to technical difficulties and would be resolved soon, but it was more than that.
Fortunately, due to the poor weather conditions in Minneapolis at that time, students took classes from home, but it didn’t affect their online classes.
However, On February 24, the district began to refer to the ‘technical difficulties’ they experienced a few days back as an “encryption event.” They immediately informed everyone about changing their account passwords.
According to an official statement issued by the Minneapolis Public Schools (MPS), “officials are working with cybersecurity specialists to quickly and securely download the data so that they can conduct an in-depth, comprehensive review to determine the full scope of what personal information was impacted.”
Having said that, the Minneapolis district has promised to contact those whose data was released directly.
However, cybersecurity experts warn that all current and former staff and students should assume they have been compromised. Unless they have been told otherwise, but if not, they should take action to protect their information.
Who Were the Hackers of the MPS Data?
“Medusa,” a group of ransomware hackers, claimed responsibility for the cyberattacks and demanded a $1 million ransom. They have threatened to release more data if the ransom is unpaid by March 17th.
The Medusa group revealed this in a video that has since been removed but contains a lot of sensitive information.
Some files in the video sent by the ransomware hackers include students’ pictures, forms, home addresses, and disciplinary information.
The videos contain payroll information, protected health information, union grievances, civil rights instigations, and more for MPS employees and staff.
Ian Coldwater is a professional hacker who companies hire to expose vulnerabilities and advise them on what to do. As a father of two, one of his children is an alumnus, while the other is still a student in Minneapolis public schools.
His data is also at risk of being on the dark web. He says his main concern about the entire breach is the potential release of sensitive information onto the internet.
He also stated that the scale and breadth of this data breach are quite large and broad. It will take some time for Minneapolis district officials to learn the exact identity of the hackers.
How MPS Students and Staff Can Protect Their Data and Information
Minneapolis district officials have reported the cyberattack incident to law enforcement. The affected families and those who may be affected should take precautions to safeguard their information.
Some methods for protecting their information include:
- Using security software that automatically updates to protect their computer systems and phones. These app updates safeguard against security threats.
- Changing the passwords for all accounts they opened using district-owned devices.
- Receive and respond with caution to any suspicious emails or messages. If you receive any of these threats, please notify privacy@mpls.k12.mn.us.
