On June 19, 2020, Metropolitan Community College of Kansas City (MCCKC) fell victim to a ransomware attack, leading to a significant data breach reported by the California Office of the Attorney General on August 14, 2020. The incident exposed highly sensitive personal information, including names, Social Security numbers, driver’s license numbers, medical records, and bank account details of affected individuals. While no confirmed misuse of the stolen data has been documented, the breach posed severe risks, including identity theft, financial fraud, and long-term reputational harm. The attack disrupted institutional operations and raised concerns over the college’s cybersecurity posture, particularly its ability to safeguard confidential student and employee data. The exposure of medical and financial records further intensified the breach’s gravity, as such information is prime targets for cybercriminal exploitation. Though no ransom demands or operational shutdowns were explicitly mentioned, the scale of compromised data spanning multiple critical identifiers underscored the attack’s destructive potential.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-193104
TPRM report: https://www.rankiteo.com/company/metropolitan-community-college-kansas-city
"id": "met530083025",
"linkid": "metropolitan-community-college-kansas-city",
"type": "Ransomware",
"date": "3/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'higher education',
'location': 'Kansas City, Missouri, USA',
'name': 'Metropolitan Community College of Kansas City '
'(MCCKC)',
'type': 'educational institution'}],
'data_breach': {'personally_identifiable_information': ['names',
'Social Security '
'numbers',
'drivers’ license '
'numbers',
'medical information',
'bank account '
'information'],
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'protected health information '
'(PHI)',
'financial information']},
'date_detected': '2020-06-19',
'date_publicly_disclosed': '2020-08-14',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Metropolitan Community College of Kansas '
'City (MCCKC) on August 14, 2020. The breach, which occurred '
'on June 19, 2020, was due to a ransomware attack that '
'potentially exposed names, Social Security numbers, drivers’ '
'license numbers, medical information, and bank account '
'information of various individuals, although no misuse of the '
'data has been confirmed.',
'impact': {'data_compromised': ['names',
'Social Security numbers',
'drivers’ license numbers',
'medical information',
'bank account information'],
'identity_theft_risk': 'potential (no confirmed misuse)',
'payment_information_risk': 'potential (bank account information '
'exposed)'},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': 'Metropolitan Community College of Kansas City (MCCKC) Ransomware '
'Attack and Data Breach',
'type': ['ransomware', 'data breach']}