The Mid-Prairie School District is alerting parents and students to a possible data breach. In a statement issued by administration and posted to the Mid-Prairie website, they are alerting the public to a cybersecurity incident which resulted in the exposure of personal data maintained by educational institutions possessed by Timberline. That is a Medicaid reimbursement billing service for covered IEP services to 190 different districts in Iowa.
Suspicious activity on their network came to Timberline’s attention March 5th of 2020. They alerted Mid-Prairie to this incident on September 2nd. It was determined that during this incident an unknown hacker accessed the network in both February and March, encrypted certain files and removed specific information. Despite a review of all files that could have been impacted, Timberline reports that they cannot conclude which files, or what information may have been compromised. Information that was present in possible corrupted files includes student names, Medicaid ID numbers, billing or claims information, birth dates, diagnoses and symptom information, medical record numbers, support service codes and identification numbers along with treatment information. At this point, Timberline is unaware of any actual or attempted misuse of possible gathered personal information.
In response, Timberline has enhanced records security and is offering affected students free access to 12 months of minor identity monitoring through Experian. Those seeking additional information can contact Timberline at 844-439-7669. Information about the data breach is available on the Mid-Prairie School District website at mphawks.org.