A ransomware attack in February 2025 impacted Baltimore City Public Schools, affecting thousands. The breach involved the theft of personal data from students, teachers, and staff. School officials confirmed that documents containing sensitive information were compromised, including files belonging to employees, volunteers, and contractors. The district reported that 1.5% of students, or over 1,150 students, were affected by the breach.
The exposed files included Social Security numbers, driver’s license numbers, and personal information such as absentee records and maternity status for students. The breach also impacted over 7,000 teachers, along with past employees dating back to 2010. The attack, attributed to the Cloak ransomware group, prompted the school system to notify affected individuals and offer credit monitoring services.
However, no ransom was paid, and the system’s operations were not significantly disrupted.
School officials have implemented additional cybersecurity measures following the incident, including enhanced endpoint detection and password resets for all users. Despite the breach, they emphasized that the incident did not severely impact school functions or daily operations. Law enforcement and cybersecurity experts are assisting in the recovery efforts.
Affected individuals are receiving two years of credit monitoring to protect against potential identity theft.
Baltimore City Public Schools had previously experienced a cyberattack in 2020, which cost millions in repairs. Cybersecurity experts have reported a significant increase in ransomware attacks targeting K-12 schools in 2025. The incident is part of a broader trend of rising cyberattacks on educational institutions across the country.
Reference: