DMPS Notifies Individuals of Data Security Incident

Des Moines Public Schools is reaching out to nearly 6,700 individuals this week to notify them of a data security incident that occurred earlier this year. The incident, which involved a cyberattack against the school district in January, may have resulted in the exposure of personal information belonging to those individuals.

As previously disclosed, the district’s technology team detected an incident on January 9, 2023, and swiftly responded, halting the unauthorized activity, and launching an investigation with the assistance of third-party forensic specialists. While the investigation is ongoing, it has now been determined that some data was exposed during the attack. However, there is currently no evidence of financial fraud or identity theft associated with the data breach.

Those individuals who were potentially impacted will receive a letter this week noting the type of data that may have been exposed. As a precautionary measure, potentially impacted individuals are being offered complimentary credit monitoring services. The letter also includes information for recipients on how they can place a fraud alert on their credit file, place a security freeze on their credit file, and obtain a free credit report.

The cyberattack against DMPS included a ransom demand. No ransom has been or will be paid in response to this attack based on the advice of our cybersecurity experts and what is in the best interest of the school district and community.

“We want to express our deepest gratitude to everyone for their patience and understanding as we address this unfortunate incident,” said Matt Smith, Interim Superintendent of DMPS. “Data breaches have become all too common for public agencies and private businesses alike, and we recognize the impact they can have on individuals.”

Following the incident, DMPS took immediate steps to bolster the security of its data systems. In addition to the existing security measures, further technical safeguards are being implemented to prevent similar incidents in the future.

The district remains fully committed to maintaining the privacy of personal information and continuously evaluates and modifies practices to enhance data protection.