Millions Potentially Affected in Colorado Department of Higher Education Data Breach

Earlier today the Colorado Department of Higher Education (CDHE) reported a massive data breach potentially impacting millions of people. Those affected include current students, past students, and teachers.

CDHE claims that the data breach took place on June 19th with a \”cybersecurity ransomware incident that impacted its network systems,\” according to today\'s press release.

The data set and scope of this breach is shocking as it appears to affect millions of people based on CDHE\'s statement. Those affected include:

• People that attended a public institution of higher education in Colorado between 2007-2020
• People who attended a Colorado public high school between 2004-2020
• Individuals with a Colorado K-12 public school educator license between 2010-2014
• Participated in the Dependent Tuition Assistance Program from 2009-2013
• Participated in Colorado Department of Education’s Adult Education Initiatives programs between 2013-2017
• Obtained a GED between 2007-2011

According to CDHE, the data breach exposes the victims\' full names, social security numbers, dates of birth, physical addresses, proof of addresses, copies of government identification, and also may include police reports.

CDHE offers data breach victims two years of credit monitoring and identity theft protection

In an effort to mitigate the harm done to victims, CDHE is offering credit monitoring and identity theft protection to those affected.

CDHE is providing impacted individuals with complimentary access to credit monitoring and identity theft protection services through Experian for two years.

– CDHE press release

While this offer may help to mitigate the impact, individuals impacted by this CDHE data breach will still be at risk for:

• Financial fraud
• Identity theft
• Phishing attacks
• Social engineering attacks
• Hacked accounts

CDHE press release on the data breach and ransomware attack

The Colorado Department of Higher Education (“CDHE”) is providing notice of a cybersecurity incident that may involve the personal information of certain individuals. CDHE is providing information about the measures it has taken in response to the incident, and steps impacted individuals may take to protect themselves against possible misuse of information. 

What Happened? On June 19, 2023, CDHE became aware it was the victim of a cybersecurity ransomware incident that impacted its network systems. CDHE took steps to secure the network and has been working with third-party specialists to conduct a thorough investigation into this incident. CDHE also worked to restore systems and return to normal operations. While this incident is still part of an ongoing criminal and internal investigation, CDHE knows that an unauthorized actor(s) accessed CDHE systems between June 11 and June 19, 2023 and that certain data was copied from CDHE systems during this time. Over the past few weeks, the investigation has revealed that some of the impacted records include names and social security numbers or student identification numbers, as well as other education records. The review of the impacted records is ongoing and once complete, CDHE will be notifying potentially impacted individuals by mail or email for individuals for whom we have contact information. While the review is ongoing, those that attended a public institution of higher education in Colorado between 2007-2020, attended a Colorado public high school between 2004-2020, individuals with a Colorado K-12 public school educator license between 2010-2014, participated in the Dependent Tuition Assistance Program from 2009-2013, participated in Colorado Department of Education’s Adult Education Initiatives programs between 2013-2017, or obtained a GED between 2007-2011 may be impacted by this incident. 

What We Are Doing In response to this incident, CDHE is reviewing its policies and procedures and working to implement additional cybersecurity safeguards to further protect its systems. Additionally, CDHE is providing impacted individuals with complimentary access to credit monitoring and identity theft protection services through Experian for two years. Although CDHE is making these services available to impacted individuals, CDHE is unable to enroll individuals directly. Please review Steps You Can Take to Help Protect Personal Information, available at https://cdhe.colorado.gov. 

What You Can Do Remain vigilant against incidents of identity theft and fraud. Individuals should review account statements and monitor free credit reports to detect suspicious activity and errors. CDHE encourages impacted individuals to enroll in credit monitoring services through Experian. 

For More Information We understand that members of the public may have additional questions. For assistance with questions regarding this incident, please call our designated hotline at (833) 301-1346 between 7 a.m. to 9 p.m. Mountain Time, Monday through Friday, 9 a.m. to 6 p.m. Mountain Time, Saturday and Sunday (excluding U.S. holidays). Additional information can also be found at https://cdhe.colorado.gov/.

Investigation ongoing

CDHE has told media outlets that the investigation is ongoing and has not provided much information to media outlets, outside of the statement you see above.

RestorePrivacy has reached out to CDHE for comment on the number of individuals affected and further details on the security incident. A senior director of communications for CDHE told RestorePrivacy that they are not able to comment on the number of people affected as the investigation is ongoing, but pointed to this incident page for updates.

We will update this article as more details unfold.

Last updated on August 6th, 2023 with more details on the scope of the breach and the data exposed.