Personal data from current and former students at Boone and Kenton County School Districts may have been illegally viewed and copied from district systems earlier this month, according to announcements from the districts.
Both of the breaches seem to have been the result of a phishing scheme, wherein a cybercriminal solicits personal security information, such as passwords, in order to access someone’s account.
Information for 38 Kenton County students was viewed and possibly copied, according to a Dec. 20 announcement from the district. An email statement delivered to news outlets last week confirmed this number. 200 records were affected in the Boone County attack, according to an announcement from the district.
Information accessed includes basic identifying information (birth dates, addresses, and so on) as well as student health information, Medicaid information, educational records, and information related to special education programs. The accessed records may not be uniform for every affected family. Kenton County does not believe that any financial information was accessed. Students and families involved have been notified, and both districts are encouraging families to monitor their financial accounts for signs of fraud or suspicious activity.
Read the districts’ full statements below: