An investigation by the Minnesota IT Services agency revealed that twenty-four Minnesota state education departments are also victims in the recent massive cyber hack on users of the software protocol MOVEit. MOVEit is an application that collects, stores, and transfers large files between organizations…securely, according to the developers at Progress Software. Secure except when a Russian cyber group finds a back door into the application. What was considered a safe way to share data between the Minnesota Department of Education and state Department of Human Services has now become a hotbed of fraud opportunities due to thousands of stolen children’s identities, children who had already been compromised in the first place.
The files hacked from Minnesota’s Department of Education and Department of Health databases contained personal identifying information on more than 95,000 students who have been through the state’s foster care system. Information including names, demographic details and where they’ve been placed. These kids have already had a tough start to life and now their identities have been stolen from a group known for selling the stolen data to the dark web. Immediate action should be taken to protect these kids on their behalf.
However, the Minnesota Department of Education is taking a different route. Months after the attack, Minneapolis has yet to inform individual victims of being compromised. Unlike the law required for hospitals, no federal law exists to require cyber-attack notification from schools. There is no federal law guaranteeing a safe and happy childhood either, as these kids already know. Minnesota also decided to not pay the $1 million ransom to stop the stolen data from being publicized on the dark web. Way too much money for the safety of a child apparently. Now all the stolen confidential files of these children, who have sad stories already, are online. For anyone to victimize some more.
Today’s Fraud Of The Day is based on article “After Minneapolis schools hack, ransomware criminals are dumping kids’ private files online” published by KARE on July 6, 2023.
Ransom gangs have been stealing confidential documents from schools and dumping them online. The confidential documents stolen from schools and dumped online by ransomware gangs are raw, intimate and graphic. They describe student sexual assaults, psychiatric hospitalizations, abusive parents, truancy — even suicide attempts.
“Please do something,” begged a student in one leaked file, recalling the trauma of continually bumping into an ex-abuser at a school in Minneapolis. Other victims talked about wetting the bed or crying themselves to sleep.