The Broward County Public School (BCPS) District is in the process of notifying about 50,000 people that a ransomware attack earlier this year resulted in unauthorized access to some district systems that may have potentially included the sensitive information of some faculty staff and students.
After a thorough investigation, it was determined that between Nov. 12, 2020, to March 6, 2021, unauthorized individuals obtained access to BCPS systems.
Investigators uncovered that certain records stored on the District’s systems had been seized, and attackers demanded a $40 million payoff. They also realized that the seized records included individuals’ names and social security numbers.
Later, further analysis indicated that the data accessed may include information relating to the districts self-insured health plan, including individuals’ names, dates of birth, Social Security
numbers, and benefits selection information.
In the notice, BCPS informs its personnel that it has implemented additional measures to enhance its network security.
“You are encouraged to remain vigilant by reviewing your accounts statements, health provider invoices, explanation of benefits statements, and free credit reports for any unauthorized activity,” the notification noted.
The district is also offering complimentary credit monitoring, by request, to those affected. And for those who have further questions, the district has established a dedicated hub to help individuals maneuver the attack’s impact.