Colorado Department of Higher Education (CDHE) disclosed a ransomware attack in which data of former and current high school staff and students in Colorado may have been compromised. The data of anyone who attended public higher education in Colorado between 2007 and 2020 or a public high school between 2004 and 2020, people holding a Colorado K-12 public school educator license between 2010 and 2014, or those who had attended the Dependent Tuition Assistance Program from 2009 to 2013, or the Colorado Department of Education's Adult Education Initiatives programs between 2013 and 2017, or obtained a GED between 2007 and 2011 were at risk.
The breach notification statement added that CDHE was reviewing its policies and procedures for enhancing cybersecurity safeguards and that it would provide impacted individuals with complimentary access to credit monitoring and identity theft protection services through Experian for two years.