CBS News reports that Minneapolis Public Schools had its data compromised in a Medusa ransomware attack leaked on the dark web nearly three weeks after it reported being impacted by a ransomware incident.
Medusa ransomware has demanded a $1 million ransom for the stolen data, which cybersecurity experts note include the school district's student records, phone numbers, home addresses, disciplinary records, protected health information, payroll data, student and staff photos, safety plans, misconduct complaints, union grievances, and civil rights investigations.
"We are working with cybersecurity specialists to quickly and securely download the data so that we can conduct an in-depth comprehensive review to determine the full scope of what personal information was impacted," said MPS in a statement.
Despite ongoing investigation into the incident, individuals whose data may have been affected should assume compromise, said experts.
"What concerns me about this data breach specifically is the sensitivity of some of this data. The scale and scope of this data breach is quite large and quite wide," said ethical hacker Ian Coldwater.
Ransomware, Threat Management, Privacy
More stolen Minneapolis Public Schools data leaked
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds