On March 22, data stolen from Minneapolis Public Schools in its February ransomware attack was made available for download on the internet. A few days prior, the district informed the MPS community that the data was available on the dark web. Medusa has claimed responsibility for the ransomware attack.
Minneapolis Schools Voices learned of the data leak through Ian Coldwater, who reported via Twitter on March 22, “This morning the breached data from MPS was released onto the clear web. I'm still going through the data, but I can definitively say that it includes [Social Security numbers], bank account info, protected health info, assault & harassment complaints, & lots more. This is a very bad breach.”
Coldwater does not work for the district. They have been closely tracking the MPS ransomware attack as a MPS parent and cybersecurity professional.
MPS is asking people not to download the data because malware is attached to the data.
Coldwater said in response, “There are ways to contain malware, but most MPS folks likely won't know how to do that. Better safe than sorry.”
MPS continues to update its Restoring MPS Systems and Protecting Personal Data webpage which includes steps the MPS community can take to protect themselves. The district said it is assessing the data and will contact people who are individually impacted by the data breach.