St. Paul Public Schools warns families of potential data breach

St. Paul Public Schools is warning families of a potential data breach impacting student login information. 

In a letter to families, the district said a "data security incident may have resulted in unauthorized access to and acquisition of student data." However, the district says it is "unaware of any fraudulent misuse of your data."

The district learned of "suspicious activity" in its network environment in February 2023, at which point it immediately worked with the FBI, Minnesota IT Services and the Minnesota Department of Public Safety to investigate. The district learned an "unauthorized third party acquired data" during the breach. However, it wasn't until July 17, 2023, that the district could confirm the full scope of what happened. 

SPPS student names and email addresses may have been exposed during the incident, but the district says it has no reason to believe any personal information has been misused. Its investigation into what happened remains ongoing. 

In response to this, the district sent new, unique passwords to each student on Sept. 8. 

"SPPS sincerely regrets any concern or inconvenience this matter may cause, and remains dedicated to ensuring the privacy and security of all information in our control," the letter said. 

This is just the latest potential data breach to impact educational institutions. Others have impacted the University of Minnesota and Minneapolis Public Schools, among others.