CDHE hit by ransomware attack

The Colorado Department of Higher Education released a report about a ransomware attack that saw an unknown number of student and teacher data stolen from their network.


Data from 2004

Data from as far back as 2004 was accessed and copied out of the network during the attack in June.


Not the first attack in Colorado

Along with the report from CDHE, Colorado State University and Colorado’s Department of Health Care Policy and Financing also reported attacks in the last month, both done by the Clop ransomware gang.  The group responsible for the most recent ransomware attack is unknown.

News > Cyber-Attacks > CA-General
by Kevin Wood

Colorado Dept. of Higher Ed warns past students of major data breach



Students from all walks of life affected

The Colorado Department of Higher Education (CDHE) has confirmed, via their website, that hackers accessed student and teacher information dating as far back as 2004.

In the notice, CDHE confirmed they experienced a ransomware attack where hackers were able to access their systems between June 11th and June 19th, 2023.  What’s causing the most commotion is that the data accessed, and copied, contained student and teacher names, addresses, Social Security numbers, student/teacher identification numbers, and other educational records that were specifically identified.

The Department stated that those affected may include individuals who attended a number of different sections of the education system, and different timeframes.  The list of affected sections includes:


  • Public institutions of higher education between 2007 – 2020.
  • Any Colorado public high school between 2004 – 2020.
  • Educators in K-12 public schools between 2010 – 2014.
  • In the Dependent Tuition Assistance Program between 2009 – 2013.
  • In Adult Higher Education programs between 2013 – 2017.
  • Obtained a GED between 2007 – 2011.

CDHE addressed the issue immediately and stated, “In response to this incident, CDHE is reviewing its policies and procedures and working to implement additional cybersecurity safeguards to further protect its systems. Additionally, CDHE is providing impacted individuals with complimentary access to credit monitoring and identity theft protection services through Experian for two years.” on their website.

The amount of affected individuals is currently unknown but investigations are on-going.  Also, investigators are unsure of who is behind the attack as no one has claimed responsibility for the attack.

This is not the first attack against an organization in Colorado.  Last month, Colorado State University (CSU) confirmed that the Clop ransomware gang had stolen personal information belonging to past and current students and employees.  This was part of the larger “MOVEit” mass hacks that have been spreading across the country.

In addition, the same hackers set their eyes on and infiltrated the systems at Colorado’s Department of Health Care Policy and Financing, stealing data for those involved in Colorado’s Medicaid program or those enrolled in the child health plan.

Investigations for both of these incidents is still on-going which means that company systems are still affected.  Down-time is unknown, nor is the cost, but estimates put the cost into the millions due to system downtime, loss of productivity and lack of company resources needed to perform work duties.

Having a reputable backup and recovery solution is critical in situations like this.  BBG’s Orchestration Toolkit is one of the many things that sets our Disaster Recovery as a Service platform apart from others.  By taking the time up front to setup your company servers in the solution, recovery can be as simple as pressing a button, waiting for all of your servers to spin up in the cloud and then route traffic to your cloud endpoints instead of internal endpoints.

Contact us today to get more information on how we can help!  Click the “Contact Us Today” button below to start the conversation!

“In response to this incident, CDHE is reviewing its policies and procedures and working to implement additional cybersecurity safeguards to further protect its systems.”


  • Don’t be the next statistic
  • Contact BBG today to find out how our DRaaS platform can keep your data backed up securely and provide an easy to use solution in the event you need to go into recovery mode
  • Email us today to get the conversation started!