A ransomware attack has compromised the data of half a million students in Chicago Public Schools

Enterprise data security incidents have become more common in recent years, with "hackers" employing "library deletion" "library crash" "Trojan horse" "crawlers" and other "technology-enhanced," the means of crime becoming more intelligent, chained, and covert. Rather than being deleted, enterprise data security is more frequently threatened by theft.

A ransomware attack on Chicago Public Schools' vendor, Battelle for Kids, is said to have compromised the data of nearly 500,000 students and 60,000 employees.

Battelle for Kids is a nonprofit education organization based in Ohio that analyzes student data shared by public school systems in order to design instructional models and assess teacher performance. According to Battelle for Kid, they have collaborated with 267 school districts, serving over 2.8 million students.

The Chicago Public Schools (CPS) district disclosed on May 20 that a ransomware attack on Battelle for Kids last December 1 exposed the stored data of 495,448 students and 56,138 employees in its school system from 2015 to 2019.

However, it is unclear exactly which ransomware group was behind this attack.

In the digital economy, new technologies such as big data, artificial intelligence, and 5G are increasingly being integrated into various fields of economic and social development, demonstrating the indisputable importance of data and information. Data mining can be used by businesses to diagnose business conditions, adjust market strategies, and improve profitability, all of which are critical breakthrough points in market competition.

Core data, in particular, is the enterprise's home base, an intangible asset that can generate significant value and is critical to the enterprise's survival and development. On the other hand, businesses can use user data to analyze the market and optimize their products, allowing them to provide better products and services to the public, creating a mutually beneficial virtuous cycle. As a result, the value of enterprise data has skyrocketed, and data security has taken center stage.

Industries and businesses with a large amount of user information are frequently at risk of data leakage, which leads to the problem of personal information leakage. Particularly vulnerable to the "black hand" are the financial, insurance, education, medical, and other industries, as well as the Internet, telecommunications operators, and other businesses.

In recent years, a number of data leakage incidents exposed by the media have shocked the public, not only because they involve tens of millions, if not hundreds of millions, of data records, but also because the leaked data has become increasingly detailed and comprehensive, and can outline the user's portrait in all aspects. In the black and gray industries, data leaks are frequently accompanied by undercurrents, and the details are concerning.

Enterprise data protection systems is not sound. Some businesses, particularly small and medium-sized businesses, are focused on rapid growth while ignoring the importance of data security; the nature of the unsound management system is a lack of data security awareness.

In fact, data is part of the enterprise assets; losing the core data, which often leads to irreparable economic losses and a loss of core competitiveness, is almost "fatal." According to the analysis, the average cost of loss caused by information leakage in a statistical analysis of more than 500 organizations around the world is $4.24 million, the highest value since 2004, serving as a wake-up call for enterprises with inadequate security measures.

To build a solid and comprehensive data security protection mechanism, we need to start with a set of tested technical measures. For example, data management classification and governance should be strengthened, and data storage, use, and transmission should be comprehensively managed and controlled.

At the same time, data security necessitates a consistent management mechanism. Do a good job of enterprise data backup and encryption, for example, and set up an enterprise disaster recovery system to recover data the first time in the event of a natural disaster or other event to ensure business continuity.

Hi, I'm Bretti, learn more in https://www.vinchin.com/en/