🚨 A February ransomware attack on Baltimore City Public Schools has now been confirmed to have compromised sensitive data belonging to over 25,000 individuals — including teachers, staff, contractors, and students.

On Tuesday, the district issued a public breach notification revealing that:
- The ransomware attack occurred on February 13, 2025
- Sensitive documents were stolen, including I-9 records and background checks
- Impacted data includes Social Security numbers, driver’s licenses, passport info, and even student call logs and attendance records
- 55% of all school employees were reportedly affected
- Over 1,150 students — roughly 1.5% of the district's enrollment — had personal information accessed

While no ransom was paid, reports suggest the Cloak ransomware gang may be behind the attack. So far, no group has taken credit publicly.

Additional context:
- Law enforcement was notified
- Cybersecurity firms were brought in for investigation and recovery
- The school district is now offering two years of credit monitoring to impacted individuals
- Affected parties are receiving breach notification letters this week

In a positive step, the district has rolled out new cybersecurity enhancements:
- Endpoint Detection and Response (EDR) software
- District-wide password resets
- Continued forensic investigation

Baltimore has been no stranger to cyberattacks:
- A 2020 school system breach cost more than $10 million
- A 2019 ransomware attack disrupted city-wide operations

And Baltimore’s not alone — experts have already recorded 75 ransomware attacks on U.S. K-12 schools and colleges in 2025, one of the highest numbers ever tracked.

At @Efani, we believe that the education sector — often underfunded and digitally vulnerable — is now squarely in the crosshairs. Schools don’t just need backups. They need active defense, endpoint visibility, and employee training that starts at onboarding.

#CyberSecurity #Ransomware #EducationSecurity #DataBreach #K12CyberRisk #EfaniSecure #BaltimoreCyberattack