Colorado Department of Higher Education hit by ransomware attack

The Colorado Department of Higher Education announced Friday the possibility that the names and social security numbers of students and teachers on file with the agency may have been copied in June and used extort money from it. 

CDHE stated in a press release that unauthorized access was gained to its computer system between June 11 and June 19. Certain data was copied. The CDHE "became aware it was the victim of a cybersecurity ransomware incident" on June 19. 

Ransomware is the term used to describe a malicious software which is installed into a computer system and which gathers sensitive information or blocks the owner/user of the system from further accessing the information. The originator of the malware typically makes monetary demands in exchange for restoring access.

RELATED  Ransomware attack hits Wheat Ridge, Fremont County; "Everything was impacted"  (2022)

Megan McDermott, CDHE's Senior Director of Communications and Community Engagement, confirmed for CBS News Colorado that CDHE does know the identity of the source of the ransomware. She refused to state the amount of ransom that was demanded, citing ongoing criminal and internal investigations. But she did confirm that the ransom was not paid.

A CDHE spokesperson confirmed the agency temporarily lost use of its servers, but has since regained control and is working to rebuild its systems from backups.   

At this time, those impacted by the cybersecurity incident may include individuals:

  • Who attended a public institution of higher education in Colorado between 2007-2020
  • Who attended a Colorado public high school between 2004-2020
  • With a Colorado K-12 public school educator license between 2010-2014
  • Who participated in the Dependent Tuition Assistance Program from 2009-2013
  • Who participated in Colorado Department of Education's Adult Education Initiatives programs between 2013-2017
  • Who obtained a GED between 2007-2011

RELATED  Ransomware group leaks information from CU cyberattack on Dark Web (2021)

CDHE is notifying those people whom it can reach. The agency suggested all individuals monitor their financial account statements and credit reports. CDHE is offering free access to Experian, a credit monitoring agency, to those who have been impacted. Individuals must enroll on their own. 

Local and national law enforcement agencies are investigating the incident.

CDHE is also reviewing its procedures and cybersecurity safeguards. 

RELATED  Ukraine authorities arrest CL0P ransomware gang linked to University of Colorado cyberattack (2021)

CDHE has established a hotline at  (833) 301-1346. More information is available at https://cdhe.colorado.gov/.&nbsp.

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.