The Chicago Public Schools (CPS) entity officially advised parents and students of a data breach occurring via a third-party nonprofit, Battelle for Kids. Battelle for Kids is a nonprofit company that stores student course and evaluation data.
CPS states in its own letter to parents that Battelle for Kids notified CPS in late April about a breach in December which exposed 500,000 children’s names, dates of birth, gender, grade level, school, CPS student ID number and state student ID number, information about the courses students took, and scores from performance tasks used for teacher evaluations during school years 2015-16, 2016-17, 2017-18 and/or 2018-19. In addition, the information of 60,000 teachers was also exposed. CPS said no Social Security Numbers, health data, financial information or current data on courses and grades were involved in the breach.
CISA and the FBI have already been involved in an investigation of the incident since April, and CPS said it is providing 12 months of free credit monitoring and identity theft protection for students and teachers affected by the attack.