Broward County School District backtracks after ransomware attack
A US school district has warned 50,000 students and employees that their data may have been exposed following a ransomware attack.
Broward County School District, in the state of Florida, admitted that personal information could have been accessed by malicious hackers during a cyber-attack between November 2020 and March 2021.
The district had previously kept details of the incident under wraps, and also insisted that no data had been affected.
Earlier this week (November 29), however, the institution confirmed that the unauthorized access “may have potentially included the sensitive information of some faculty, staff, and students”.
A letter from the school district (PDF) states that “an unauthorized person obtained access to BCPS systems between November 12, 2020, and March 6, 2021”.
It adds: “On April 19, 2021, the investigation revealed certain records stored on the district’s systems had been acquired and publicly released.
“On June 8, 2021, it was determined that the records released by the cybercriminals included information that included individuals’ names and Social Security numbers.
“On June 29, 2021, further analysis indicated that the data accessed may include information relating to our self-insured health plan, including individuals’ names, dates of birth, Social Security numbers, and benefits selection information.”
Those affected by the breach have been informed and are being offered free credit monitoring services. These individuals are being advised to remain vigilant by reviewing account statements, health provider invoices, explanation of benefits statements and free credit reports for any unauthorized activity.
The letter also contains more information and advice on how to protect against fraud following a data breach.