​Baltimore Metropolis Public Colleges notified tens of 1000’s of workers and college students of an information breach following an incident in February when unknown attackers hacked into its community.
Established in 1829, the general public college district supplies main and secondary training to 76,841 enrolled college students by way of 164 colleges and applications.
“On February 13, 2025, Baltimore Metropolis Public Colleges skilled a cybersecurity incident affecting sure IT techniques inside our community. We promptly notified regulation enforcement, performed an preliminary investigation, and took steps to verify the safety of our techniques,” Metropolis Colleges stated in a Tuesday notification.
“Following an intensive investigation with the steerage of regulation enforcement and exterior cybersecurity specialists, we’ve confirmed that sure paperwork might have been compromised by felony actors, which contained data belonging to some present and former workers, volunteers, and contractors, in addition to information associated to lower than 1.5% of our scholar inhabitants.”
Despite the fact that the precise variety of college students affected by this breach wasn’t shared, based mostly on present scholar enrollment numbers, the attackers gained entry to delicate information belonging to roughly 1,150 college students, in keeping with the college district’s estimations. Moreover, the Maryland Workplace of the Legal professional Basic confirmed to The Baltimore Solar that the breach impacts over 31,000 people.
Throughout the breach, the menace actors might have stolen folders, information, or information containing social safety numbers, driver’s license numbers, or passport numbers belonging to present and former workers, volunteers, and contractors. Information uncovered through the incident may have contained a mix of scholar information, name logs, absenteeism information, or the maternity standing of at present enrolled college students.
Breach linked to Cloak ransomware
Whereas the college district did not hyperlink the assault to a selected menace group or cybercrime operation, a WBALTV report linked it to Cloak ransomware. This ransomware operation surfaced in late 2022 and has since claimed over 130 victims, most of them small—to medium-sized companies.
Baltimore Metropolis Public Colleges now supplies complimentary credit score monitoring companies to these affected and urges impacted people to evaluate private account statements and monitor credit score studies to stop identification theft makes an attempt.
In November 2020, Baltimore County Public Colleges, a Maryland college district that manages all public colleges in Baltimore County, Maryland, additionally disclosed an information breach following a ransomware assault that compelled it to close down its community as a result of variety of impacted techniques.
One 12 months earlier, in Could 2019, a RobbinHood ransomware assault encrypted authorities servers at Baltimore Metropolis Corridor. One other ransomware incident impacted Baltimore Metropolis’s emergency name system in March 2018, forcing the workers to change to guide operations to deal with all incoming emergency calls.
