24/7 Breach Assistance

Case Studies

Cyber Incident Response Case: Higher Education, FERPA

Download PDF


A college with an enrollment of approximately 1,000 students was one of many higher education institutions hit with ransomware in 2022. While the school was not explicitly required to notify students and parents of the breach under FERPA, the U.S. Department of Education suggests notification as a best practice. And under some state laws, notification may be required. The challenge is that each state and has differing breach notification triggers. And FERPA has been amended and interpreted numerous times, making it difficult to determine what information is protected as part of an education record. Additionally, there were international notification requirements that had to be taken into account due to the enrollment of international students.


From the outset, we expected the density of the PII and PHI within the dataset to be highly reportable, and we weren't wrong. By talking with the client about our expectations and providing them with a dashboard within the first 24 hours of the dataset's contents, we quickly knew the exact data we were looking for and removed 78% of the dataset from downstream activities before we ever started. While we could reduce the size of the dataset, we still had to contend with the voluminous amount of reportable PII and PHI that spanned a ten-year timeframe. Ultimately, the entity list was four times larger than the client expected. Still, by using unique identifiers, we delivered a highly accurate entity list within our originally stated timeline and budget.


“You guys are the best at meeting the client where they are. And your style of communication works well for me.”

Share this:

Get breach assistance now.

After a cyber breach, you need a team ready to hit the ground running. We’re here for you 24/7/365. That’s our promise.

Our incident response project managers, data analytics experts, and review specialists are seasoned professionals who understand the magnitude of the situation your company is facing and the related expenses.We are here to ensure timely, accurate notification of affected parties.

CyTrex Cyber - Incident Response Service

CyTrex Cyber helps entities that need assistance managing a cybersecurity incident or that want to learn more about cyber breach management. Insurance carriers, law firms, businesses, government agencies, and educational institutions depend on us for cyber incident response support.

Privacy Policy

© 2023 CyTrex Cyber, Inc

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram