DENVER, CO — The Colorado Department of Higher Education (CDHE) was the victim of a massive data breach affecting over a decade of students.
On Friday in a press release, the CDHE said it became aware it was the victim of a cybersecurity ransomware incident on June 19th, 2023.
CDHE says unauthorized individuals were able to access CDHE data between June 11th and June 19th, copying substantial records including the following:
- social security numbers
- student names
- identification numbers
- student education records
The CDHE is continuing to review the records that were stolen and will continue to notify students and individuals who had records stolen by mail or email.
The data breach may affect the following individuals:
- Those who attended a Colorado public or higher education institution between 2007- 2020
- Those who attended a Colorado public high school between 2004-2020
- Those with a Colorado K-12 school education license between 2010-2014
- Those who participated in the Dependent Tuition Assistance Program from 2009-2013
- Those who participated in the Colorado Department of Education’s Adult Education Initiatives programs between 2013-2017
- Anyone who obtained a GED between 2007-2011
At UCCS, the university says they’re still unaware of just how many individual students were impacted by the breach. They were told, however, that a large cross-section of students were most likely affected.
"We were notified by CDHE that there was a data breach that would affect a large cross-section of our students, we are still waiting to hear from CDHE which individuals have been notified,” said UCCS Assistant Communications Director Jenna Press.
Press says the university is encouraging students affected to follow guidelines from the CDHE like changing your passwords, keeping an eye out for suspicious activity regarding your credit score, and signing up for free credit monitoring provided by the Department.
"We are advising all of our students to keep an eye out on their email and their mail, CDHE will be reaching out to those who they think will be potentially impacted. We are also encouraging all of our students to sign up for the free credit monitoring CDHE is offering after this incident,” said Press.
For anyone impacted by this incident, the CDHE has been providing impacted individuals with complimentary access to Experian credit monitoring and identity theft protection services for two years.
Going forward, the CDHE says it will continue to look at its current cyber security systems and safeguards and review the changes needed to protect data going forward. The CDHE did not provide a number on how many individuals were impacted at this time.
The CDHE is asking anyone within the categories to continue to monitor for any incidents of fraud or identity theft.
The CDHE has a hotline available for anyone with questions. You can contact them at (833) 301-1346.
This is a developing story and will be updated as News 5 learns more.
Watch KOAA News5 on your time, anytime with our free streaming app available for your Roku, FireTV, AppleTV and Android TV. Just search KOAA News5, download and start watching.