Hackers post Minneapolis schools data
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Sarah Grillo/Axios
The group taking credit for hacking Minneapolis Public Schools has followed through on its promise to post the data online.
What's happening: The hackers, who go by Medusa, have uploaded a 100-gigabyte file that they claim is the data they stole during a February breach, cybersecurity expert Brett Callow tweeted.
- Medusa had been asking MPS for a $1 million ransom, which MPS rejected.
Yes, but: The file is just a small fraction of what Medusa claims it has. The hackers say the records contain a significant amount of sensitive information, including student sexual violence allegations, district finances and student discipline, according to education news organization The 74.
What they're saying: MPS said last Friday it was working with cybersecurity specialists to download the data and review it to "determine the full scope of what personal information was impacted and to whom the information relates."
- Officials said it would take "some time" to review the data, but didn't specify how long and didn't respond to an Axios request.
Flashback: Earlier this month Medusa posted a video of someone browsing through the data. Among other things, it showed a letter about a student's suspension, employee tax forms, HSA withdrawals, contracts with vendors and resumes of job applicants.
Threat level: Cybersecurity experts have continually warned MPS families and staff to keep a close eye on their bank accounts and be mindful of phishing attempts.
- MPS also suggests changing personal account passwords.