Chicago Public Schools

Hackers expose information for 700,000 current and former Chicago students, district says

By 
Mila Koumpilova
 | March 7, 2025, 9:23pm UTC
Four students with backpacks walk down a hallway with lockers on the left of them.
Students walk a hallway at Juarez High School on Thursday, June 9, 2022 in Chicago. CPS said Friday that student information was stolen and posted on the dark web. | Christian K. Lee for Chalkbeat (Christian K. Lee for Chalkbeat)

Sign up for Chalkbeat Chicago’s free daily newsletter to keep up with the latest news on Chicago Public Schools.

In a ransomware attack last year, Russian hackers stole private information for more than 700,000 current and former Chicago Public Schools students and put it on the dark web, district officials said Friday.

According to the district, the hackers gained access to a server where a CPS technology vendor stores student data. Using a weakness in the vendor’s software that CPS uses to share data with other agencies, the hackers stole information from the district and more than 60 other organizations across the country.

Students’ names, dates of birth, genders, and Chicago Public Schools student ID numbers were stolen.

“While we are still investigating this incident, we believe that all current students, and all former students dating back to the 2017-2018 school year were impacted,” the district said in a statement.

For roughly half of the impacted students, or about 344,000 current and former students, Medicaid ID numbers and dates of program eligibility were included in the data breach.

The stolen student information was originally encrypted, which the district likened to the hackers stealing a locked briefcase but without the key. However, district officials confirmed Friday that the hackers were able to break that encryption, exposing students’ private information.

The dark web is a part of the internet inaccessible with search engines, where illegal activity often takes place. The district said it would write to families Friday afternoon to inform them about the breach.

The district said it was never contacted about paying ransom in return for the stolen data. A growing number of school districts in recent years have been victims of such data ransomware attacks, which have at times exposed sensitive student and employee information. Technology news site TechCrunch reported that the Russia-linked ransomware gang Clop stole the data from CPS and almost 60 other organizations, taking advantage of a bug in software tools from tech company Cleo.

The district said Friday it worked with the FBI, the Department of Homeland Security, the State of Illinois Department of Innovation and Technology and other agencies to investigate the incident. Officials stressed that the stolen data did not contain Social Security numbers or financial information.

The district said it does not have any evidence that any of the stolen information has been misused. More information and resources for families are at cps.edu/databreach.

Mila Koumpilova is Chalkbeat Chicago’s senior reporter covering Chicago Public Schools. Contact Mila at mkoumpilova@chalkbeat.org.

The Latest
Trump administration targets CPS plan to support Black students citing federal civil rights law

Federal investigation targets Chicago schools’ long-awaited Black Student Success Plan. State law mandated the Chicago Board of Education create a plan to “bring parity between Black children and their peers.”

By 
Becky Vevea
 | April 29
Universal preschool enrollment is high, but program has few guardrails on quality, report finds

Colorado ranks third in the nation, after Washington, D.C. and Vermont, for the share of 4-year-olds served in its state-funded preschool program.

By 
Ann Schimke
 | April 29
The key question in the St. Isidore case: Are charter schools actually public schools?

Backers of a proposed religious charter school argue that charter schools are more private than public. The Supreme Court case could upend the charter sector, with implications for funding, autonomy and more.

By 
Erica Meltzer
 | April 28
Cellphone bans, artificial intelligence, and untying test scores from teacher evaluations are just some of the education issues Illinois lawmakers are considering

The Illinois legislative session is scheduled to end on May 31. Lawmakers are considering several education bills and negotiating the fiscal year 2024 budget. Here is what Chalkbeat is following.

By 
Samantha Smylie
 | April 28
Students with disabilities could be hit hardest by federal education changes, advocates say

Advocates warn that transferring federal special education oversight to another department could weaken enforcement of the Individuals with Disabilities Education Act and other disability rights laws, while jeopardizing funding, research, and implementation.

By 
Jessie Gómez
 | April 28
COVID did a number on student math learning. These Tennessee school districts buck the trend.

Some districts invested pandemic relief money in instructional coaches and increased time spent on math. Test scores suggest that strategy’s paying off.

By 
Steven Yoder, The Hechinger Report
 | April 28