Data Breach Alert: Chicago Public Schools Warns Families of Student Information Exposure

Chicago Public Schools Issues Warning to Families

CHICAGO – Chicago Public Schools issued a warning to families Friday about a data breach impacting several students over the past several years.

Data Breach Details

CPS said a file transfer software called Cleo, a CPS technology vendor, was hacked. The server attacked was one that was used to store data about current and former CPS students.

Data Compromised

“Specifically, an unauthorized party gained access to students’ names, date of birth, gender, and Chicago Public Schools student ID number,” the school district said. “For students who are enrolled in the federal Medicaid program, students’ Medicaid ID number and dates of program eligibility were also exposed.”

Affected Students

CPS officials believe all current students and all former students dating back to the 2017-18 school year were impacted.

No Financial or Health Data Involved

Officials also stressed no Social Security numbers, no financial information, no staff information, and no health data were involved in the data breach.

CPS Statement on the Breach

“CPS is deeply committed to the security of student information, and we expect the same level of care and commitment from our vendors. As an organization, CPS takes proactive measures to limit exposure by continuously strengthening our defenses and including strong provisions in vendor contracts to ensure our data is protected. Through ongoing diligence and improvement, we will continue to adapt our security posture to reduce the risk of future breaches.

“Please know that the protection of your child’s personal information is a top priority, and we sincerely regret any concern or inconvenience that this matter may cause you.”

Conclusion

The data breach is a serious issue that requires immediate attention and action from both the school district and its technology vendors. As parents, it is essential to stay informed and take necessary steps to protect your child’s personal information. We urge all families to remain vigilant and report any suspicious activity to the school administration.

FAQs

* What caused the data breach?
The data breach was caused by a hack of a file transfer software called Cleo, a CPS technology vendor.
* What type of data was compromised?
Names, date of birth, gender, and Chicago Public Schools student ID number, as well as Medicaid ID number and dates of program eligibility for students enrolled in the federal Medicaid program, were compromised.
* Which students were affected?
All current students and all former students dating back to the 2017-18 school year were impacted.
* Were any financial or health data involved?
No, no Social Security numbers, no financial information, no staff information, and no health data were involved in the data breach.
* What is being done to prevent future breaches?
CPS takes proactive measures to limit exposure by continuously strengthening its defenses and including strong provisions in vendor contracts to ensure its data is protected.