1000’s of scholars, academics and directors had info stolen from the Baltimore Metropolis Public Faculties system throughout a ransomware assault in February.
Officers at Baltimore Metropolis Public Faculties published a breach discover on Tuesday warning {that a} cyber incident on February 13 uncovered sure IT techniques throughout the community.
The assertion mentioned an investigation revealed that “sure paperwork might have been compromised by legal actors, which contained info belonging to some present and former staff, volunteers, and contractors, in addition to information associated to lower than 1.5% of our scholar inhabitants.”
A Baltimore Metropolis Public Faculties official confirmed to Recorded Future Information that the incident was a ransomware assault however mentioned no ransom was paid.
They didn’t say how many individuals have been affected however the letters clarify that 1.5% of the present Baltimore Metropolis Public Faculties scholar inhabitants was impacted — which might put the determine at greater than 1,150 college students.
In an FAQ doc connected to the net breach discover, the town mentioned the hackers might have obtained the folders, information or information “belonging to sure present and former staff who accomplished the I-9 verification course of as a part of their onboarding to Metropolis Faculties, in addition to sure staff, volunteers, and contractors who’ve undergone a background verify with Metropolis Faculties.”
The information doubtless contained Social Safety numbers, driver’s license numbers or passport numbers. For the scholars impacted, the hackers acquired information with scholar name logs, absenteeism information or maternity standing.
The Baltimore Banner reported that college system CEO Sonja Santelises, who herself was impacted by the breach, mentioned 55% of the varsity’s staff have been affected.
11 Information/WBALTV added that it allegedly discovered a ransom observe related to the incident from the Cloak ransomware gang. The native information outlet mentioned faculty officers advised them a complete of about 25,000 individuals have been affected by the breach, together with greater than 7,000 present academics and “anybody who has ever been employed by the district since 2010.”
Legislation enforcement was contacted concerning the incident and cybersecurity corporations have been employed to assist the varsity system get well from the assault.
No hacking group or ransomware gang has taken credit score for the assault as of Tuesday afternoon. The letter says that “resulting from Metropolis Faculties’ aggressive response to the cybersecurity incident, whereas some particular person information have been acquired, there isn’t a indication that the actions of the legal actors considerably disturbed colleges or different capabilities.”
Town started sending out breach notification letters on Tuesday to those that might have been affected by the breach. Victims are being provided two years of credit score monitoring providers and a name middle will likely be set as much as reply questions concerning the incident.
“We accomplished our investigation yesterday and notified these impacted and the neighborhood in the present day. Because the incident, we have now applied a sequence of extra cybersecurity enhancements, together with putting in endpoint detection and response software program and resetting all customers’ passwords,” the varsity spokesperson advised Recorded Future Information.
Baltimore Metropolis Public Faculties suffered a cyberattack in 2020 which value the town more than $10 million in community upgrades and damages. Town authorities was additionally hit with a wide-ranging ransomware attack in 2019.
Cybersecurity consultants have tracked a minimum of 75 ransomware assaults on Okay-12 colleges and faculties up to now in 2025, one of many highest figures seen since researchers started monitoring the numbers.
Recorded Future
Intelligence Cloud.
