Colorado State Government Targeted By A Ransomware Attack As Hackers Access Personal Data

Posted on August 5, 2023 at 7:34 AM

Colorado State Government Targeted By A Ransomware Attack As Hackers Access Personal Data

A ransomware attack has targeted the Colorado state government. The Colorado government has warned students and teachers that the hackers behind this exploit might have accessed their personal data. The information these hackers stole dates back to 2004, indicating the magnitude of the hacking campaign.

Colorado warns that hackers stole 16 years of public school data

The Colorado Department of Higher Education (CDHE) has said that it was the victim of a ransomware attack. The attack in question resulted in threat actors gaining access to data and copying the same from the institution’s systems between June 11 and June 19.

The data that these threat actors have stolen includes the names of the teachers and students, social security numbers, student identification numbers, and a wide range of other unidentified education records. The CDHE admitted that the actors made away with a vast range of data that belonged to the institution.

The department has also said that those affected by this hacking campaign might include those who attended public higher education institutions across Colorado between 2007 and 2020. The affected individuals also have those that participated in a public high school in Colorado between 2004 and 2020.

The notice also said that other individuals might have been affected by this hacking campaign. These individuals include those who secured a Colorado K-12 public school educator license between 2010 and 2014. Those that participated in the Dependent Tuition Assistance Program between 2009 and 2013 were also affected.

The hacking campaign might have also compromised the information of the individuals that were part of the Adult Education Initiatives at the Colorado Department of Education, with the programs running between 2013 and 2017. Those who did their GED between 2007 and 2011 may also be campaign victims.

The CDHE has failed to mention the number of people affected by this hacking campaign. However, it likely appears as if the attack involved a large number of individuals. According to the department, plans were already underway to notify those affected by the hacking campaign.

The affected persons will also receive two years of identity theft protection services to ensure they do not fall victim to such hacking campaigns again. The services will also ensure that the hackers do not misuse the stolen data to create new identities that might later cause problems for those targeted in the recent campaign.

Hacking campaigns in Colorado 

The recent hacking campaign adds to the attacks that have targeted Colorado in recent months. Last month, Colorado State University confirmed that a hacking campaign at third-party organizations targeted it. The institution said that this hacking campaign led to the unauthorized access of personal data belonging to some community members.

However, the tertiary education institution noted that the hacking campaign did not affect its campuses or the systems operated and maintained by CSU System. Following this breach, the institution urged the relevant parties to take measures to safeguard their data.

The breach at CSU was attributed to the MOVEit Transfer software hack, with CSU saying that the hacking incident might have involved data belonging to some current employees as students. The breach might have also affected former employees and students, with the stolen information dating back to at least 2021.

The university assured the affected individuals that it would continue working with vendors to understand the full extent of the hacking attack. As of July 12, over 280 organizations, including universities, have been victims of the security breach on MOVEit.

The MOVEit file transfer system exploit also targeted the Department of Health Care Policy and Financing in Colorado. The hackers behind the exploit said that the personally identifiable data of the people enrolled in the Colorado Medicaid program had been targeted by hackers.

The department said that its experts were working with a national third-party vendor to probe this hacking incident and address the cybersecurity risk posed by the hackers. The goal of this hacking campaign is to ensure that there are no more compromises in data files. It also said it worked with vendor partners to raise awareness of the MOVEit global hack.

The department noted that some affected individuals include those who applied for or have been covered at any period since 2015. Some of the data that the hackers may have accessed includes personal credit reports.

Summary
Colorado State Government Targeted By A Ransomware Attack As Hackers Access Personal Data
Article Name
Colorado State Government Targeted By A Ransomware Attack As Hackers Access Personal Data
Description
A ransomware attack has targeted the Colorado state government. The attack led to information belonging to students and teachers being stolen. The stolen data dates back to 2004.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Newsletter

Get the latest stories straight
into your inbox!

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading