Search This Blog

Powered by Blogger.

Blog Archive

Labels

Colorado Department of Higher Education Attacked by Ransomware

During the period of June 11 to June 19, hackers managed to infiltrate the CDHE's systems, from which they extracted and duplicated data.

 

The Colorado state government has issued a cautionary message to both students and educators regarding a potential security breach. The incident involves unauthorized access to personal information dating back to 2004. As stated on the official website of the Colorado Department of Higher Education (CDHE), the organization fell victim to a ransomware attack. 

During the period of June 11 to June 19, hackers managed to infiltrate the CDHE's systems, from which they extracted and duplicated data. The compromised data encompasses a range of details, including the names of students and teachers, addresses, Social Security numbers, student ID numbers, as well as various unspecified educational records, as confirmed by the CDHE. 

Ransomware refers to a type of malicious software that infiltrates computer systems. It has the ability to either extract sensitive data or restrict the system owner/user's access to their own information. Typically, the individual or group responsible for the malware then demands a ransom in order to reinstate access to the compromised data or system. 

As per the report, individuals could potentially be affected by the attack: 

• Individuals who were enrolled in a Colorado public higher education institution from 2007 to 2020. 

• Those who attended a Colorado public high school from 2004 to 2020. 

• Individuals possessing a Colorado K-12 public school educator license between 2010 and 2014. 

• Participants in the Dependent Tuition Assistance Program during the period of 2009 to 2013. 

• Those involved in Colorado Department of Education's Adult Education Initiatives programs spanning from 2013 to 2017. 

• Individuals who obtained a GED between the years 2007 and 2011. 

Megan McDermott, who holds the position of Senior Director of Communications and Community Engagement at CDHE said that the CDHE is aware of the entity behind the ransomware. However, she declined to disclose the specific ransom amount due to ongoing criminal and internal inquiries. Further, she confirmed that the CDHE did not comply with the demands of the ransom. 

In the past few weeks, there has been a surge in ransom attacks in Colorado. In the previous month, Colorado State University (CSU) acknowledged an incident where the Clop ransomware group accessed the sensitive personal data of both present and past students and staff. 

This breach occurred alongside the MOVEit mass hacking. The identical group of hackers also directed their efforts towards Colorado's Department of Health Care Policy and Financing. This department revealed that the personally identifiable information of individuals enrolled in Colorado's Medicaid program or child health plan might have been exposed.
Share it:

Colorado

Data Breach

Data Theft

Educational Institutes

malware

Ramsomware