Colorado’s Department of Higher Education has admitted to being breached by threat actors. This means that anyone who studied at a public high school in the state between 2004 and 2020 may have had their personal data illegally accessed.
The department also says that anyone who took a course at a higher education facility between 2007 and 2020, and anyone who held a K-12 teacher’s license 2010-2014, might also be affected.
Colorado says an investigation into the breach, which it believes occurred from June 11th to June 19th this year, revealed that Social Security and student ID numbers had been exposed, along with “other education records.”
According to the department’s own figures, 886,517 students were enrolled on an educational program in Colorado between 2021 and 2022, with similar totals for previous years — meaning that hundreds of thousands or even millions could potentially be affected.
The department says it will notify potential victims for whom it has contact details via post or email, and that it “is reviewing its policies and procedures and working to implement additional cybersecurity safeguards to further protect its systems.”
Colorado’s state government will also offer victims free access to credit monitoring and identity theft protection services for two years.
“Individuals should review account statements and monitor free credit reports to detect suspicious activity and errors,” it added.
Cybernews reached out to Colorado seeking further details and clarification’s of the attack, but had yet to receive a response at the time of going to press.
More from Cybernews:
Subscribe to our newsletter