Chicago Public Schools (CPS), along with law enforcement agencies, is currently investigating a significant data breach that has compromised the personal information of both current and former students. This incident arose from a cyber-attack late last year targeting Cleo, a file transfer software vendor utilized by the school district, resulting in unauthorized access to sensitive student data that has since been disseminated on the dark web.
The breach affects approximately 700,000 students, with data extending back to the 2017-18 academic year. According to CPS, the infiltrated information includes students’ names, dates of birth, gender, and CPS student ID numbers. Additionally, students enrolled in Medicaid had their Medicaid ID numbers and eligibility dates exposed in the attack. However, it is important to note that Social Security numbers, as well as financial and health data, were not part of the breach.
CPS has emphasized that, at this time, there is no evidence indicating that the exposed data has been misused. Importantly, no staff information was implicated in this breach. Following the discovery of the incident, the school district promptly alerted law enforcement, including the FBI and the Illinois attorney general’s office, to facilitate a thorough investigation.
In a public statement, CPS underscored its commitment to safeguarding student information and expressed expectations that the same diligence would be adhered to by its vendors. The district highlighted its proactive measures in reinforcing cybersecurity defenses, including rigorous vendor contract stipulations aimed at ensuring data protection.
Organizations like CPS are increasingly leveraging frameworks such as the MITRE ATT&CK matrix to understand potential adversary tactics and techniques employed during such cyber incidents. This breach could have involved tactics including initial access, where an attacker gains entry into a network, and data exfiltration, where sensitive information is transferred out of a secure environment.
In conclusion, CPS is actively working to bolster its security infrastructure to mitigate risks of future breaches. The ongoing endeavors to enhance cybersecurity measures reflect a broader trend within educational institutions to adapt to the evolving threat landscape, thereby ensuring the integrity and confidentiality of sensitive student data amidst increasing cyber risks.
