Following the reported data leak from the Minneapolis Public School District, many parents are worried about their data being accessed after an alleged hack resulted in decades worth of information being exposed.
Minneapolis parent and cybersecurity expert Ian Coldwater joined News Talk 830 WCCO’s Jordana Green and Adam Carter to discuss the security breach.
Those who reportedly hacked the public school district’s systems are asking for $1 million in ransom to delete the data dating back to 1995.
Coldwater, a parent of a high school student in the district, has said the issue is much larger than the district is letting on. Coldwater is a self-described “professional hacker” who is paid to break into companies’ systems and let them know where there are flaws.
Coldwater says that ransomware attacks are very common and that they often tell companies to assume their systems are being attacked so that they can always be working to prevent data breaches.
“What happened here is a ransomware group called the Medusa Group… went and breached Minneapolis Public Schools and went and put on their website — on the dark web — that they have MPS data and are demanding” the ransom or else the data will be released, Coldwater said.
But, the group Coldwater alleges is responsible isn’t just talking the talk, as they say, the group has posted screenshots of the data to prove they have it.
The screenshots of data posted on Medusa Group’s website include payroll information, student ID cards, pictures, a sexual assault report with students’ names on it, and other private information, Coldwater shared.
“This is the real deal,” Coldwater expressed.
Now, Coldwater says Minneapolis Public Schools is in a difficult situation as, on one hand, they don’t want the data to get out, making paying the ransom seem like an option, but on the other, Coldwater says it would only fund the “cyber criminals,” allowing them “to go and do this to future schools.”
“A lot of these groups are increasingly targeting schools and hospitals because, unfortunately, they’re easy targets,” Coldwater said. “A lot of the time, what they are looking for, is targets of opportunity that don’t necessarily have the best security practices.”
As a parent, Coldwater says they would like to see the district own the situation and share who was affected and what information was obtained in the data leak so people can protect themselves.
“I would like the district to be more forthcoming about what’s going on. They haven’t been particularly forthcoming at all about the breach or the severity of it,” Coldwater said.
Coldwater says measures people can take include changing the password for any account accessed on a Minneapolis Public School device and considering taking measures to protect yourself and your kids from identity theft by visiting identitytheft.gov.
Related
Related
