Hackers don't stop at city hall
Threat actors target organizations that, while outside the state’s IT domain, provide critical services to its citizens—education systems, healthcare providers, benefits platforms, and technology contractors. These entities form the extended infrastructure of public life. When they’re breached, it’s not just data that’s compromised—it's trust, access to essential services, and the well-being of the public. For state governments, the lines of responsibility may be blurred, but the stakes are high.​
Data breach exposes sensitive student records in Kansas City
PowerSchool, which provides its K-12 software to thousands of public schools to support 60 million students across the U.S., was hacked in December 2024 using a single stolen credential. The hackers used the stolen password to access to personally identifiable student and teacher data, including Social Security numbers and health data. Read more...
Ransomware attack on Rhode Island health services exposes personal data of hundreds of thousands
RIBridges—Rhode Island's platform for benefits like Medicaid and SNAP—suffered a ransomware attack after hackers infiltrated the system using stolen credentials, then planted malicious software that led to the exfiltration of sensitive data affecting over 640,000 residents. Read more...
Texas Tech University Data Breach Impacts 1.4 Million
A ransomware attack against Texas Tech University Health Sciences Center compromised the personal and medical information of approximately 1.4 million individuals. Attackers used compromised credentials to gain unauthorized access to networks. Read more...
START is just the beginning.
With START, state government can lead industry in the implementation of security systems and help provide the path to preventing ransomware and data breaches.