HUNTSVILLE, Ala. – Huntsville City Schools is advising employees, contractors, parents, and students that some personal information may have been compromised in the ransomware attack.
According to HCS, the following information may have been compromised:
- State Student Identification Numbers for students enrolled during the 2013, 2016, and 2020 calendar years
- Parental email addresses linked to student ID numbers of students enrolled in 2020
- Social Security Numbers for the following groups:
- HCS employees who worked for the district from 2010-2020
- Contractors who performed services for the district from 2010-2020
- Students involved in a “Fantastic Four” club in 2008
The district is encouraging anyone who may have been impacted to remain vigilant and watch for possible instances of fraud or identify theft over the next 12-24 months.
By law, everyone is entitled to a credit report once every 12 months from each credit bureau (and weekly through April 2021). Reports can be obtained online.
Fraud alerts (requiring credit bureaus to contact consumers before opening any new accounts or changing existing accounts) or security freezes (preventing credit bureaus from releasing information in reports without express consumer permission) are also other options.
Anyone considering placing fraud or security alerts will need to contact each credit bureau separately.
- Equifax: PO Box 740241, Atlanta, GA 30374; equifax.com; (800) 525-6285
- Experian: PO Box 2104, Allen, TX 75013; experian.com; (888) 397-3742
- TransUnion: PO Box 2000, Chester, PA 19016; transunion.com; (800) 680-7289
Locally, HCS will answer questions about the possible breach from 8 a.m.-4:30 p.m. on the following dates:
- Monday, December 21
- Tuesday, December 22
- Wednesday, December 23
- Monday, December 28
- Tuesday, December 29
- Wednesday, December 30
- Monday, January 4-Friday, January 8
However, HCS said the response team will not receive or share any personal information, confirm who was involved in the possible breach, or provide any information beyond the notice on the HCS website.
HCS further added the district was not aware of any actual or attempted misuse or theft of any personal information as of Monday, December 21.