Four days after an attack by a notorious ransomware gang disrupted the Minneapolis, Minnesota, school district’s computer network, accessing reams of students’ and educators’ sensitive information, officials contacted the FBI and laid out what happened. 

The district “immediately initiated an investigation” after its Feb. 17, 2023, discovery that school system files had been encrypted by ransomware, officials told the federal law enforcement agency. A day later, Minneapolis schools hired a third-party forensics investigation firm to negotiate the hacker’s demand for $4.5 million in bitcoin. 

Yet when school officials notified students and parents, they vaguely described what happened as an “encryption event” and offered a drastically different story than the one in their Feb. 21 report to the FBI. According to records obtained by ĂÛÌÒÓ°ÊÓ through public records requests, the district told families in a Feb. 24 email that its investigation “has found no evidence that personal information was compromised.” 

The statement was sent after cybersecurity experts advised district communications staff that “sharing the least amount of information” as possible was “in the best interest” of district security. 

Threat actors with the ransomware gang Medusa — known for encrypting and stealing sensitive records from cyberattack victims and then threatening to publish them in what’s known as a “double-extortion” scheme — took credit for the attack. Medusa ultimately published a trove of sensitive school district files online. The leaked documents detail campus sexual misconduct cases, child abuse inquiries, student mental health crises and suspension reports. 

Minneapolis school leaders didn’t acknowledge for nearly two weeks after the attack that sensitive records may have been compromised — and waited months to notify breach victims directly by letter. 

The district didn’t respond to requests for comment.

As Minneapolis recovered from the attack, records show, it turned first to its insurance provider and cybersecurity lawyers, who were paid as much as $370 an hour to negotiate with the hackers, investigate the breach and keep information about the incident outside of public view. 

An insurance company, which held a $1 million liability policy on the district with a $100,000 deductible, was the first point of contact in the event of a cyberattack, according to a school system incident response plan obtained by ĂÛÌÒÓ°ÊÓ.  The cyber insurance provider will “facilitate breach counsel and forensic investigation teams,” the plan notes, and deploy “experienced negotiators” to communicate directly with the hackers. The policy also states it would cover the district’s liability for bad press, fines and “regulatory proceedings” related to a cyberattack. 

“The insurer will typically have an approved panel vendor list for breach counsel, computer forensics and incident response teams,” the plan notes.  

Attorneys with the leading cybersecurity and data privacy law firm Mullen Coughlin were hired to carry out a “privileged investigation,” according to its report to the FBI, with the firm relaying that information about the attack should not be released publicly. 

“Per [Minneapolis Public Schools’] request, all questions, communications and requests in connection with this notification should be directed to Mullen Coughlin,” according to the notification to the FBI, which was signed by an associate attorney with the third-party law firm. Mullen Coughlin didn’t respond to ĂÛÌÒÓ°ÊÓ’s request for comment.

Forensic investigation work was conducted by the cybersecurity incident response company Tracepoint, a subsidiary of the government and military contractor Booz Allen Hamilton, which Bloomberg News has dubbed “the world’s most profitable spy organization.” The researchers prepared “a report detailing the forensic analysis process and analysis” at Mullen Coughlin’s direction, records show. On March 14, 2023, the researchers held a meeting with district administrators where they went “through the list of what TA [the threat actor] might’ve accessed,” and answered questions. 

The data leak had a direct, detrimental impact on breach victims, records show. In an email to the district in March, one educator reported that someone withdrew more than $26,000 from their bank account. Another person got a direct Twitter message from the “Medusa contact team,” urging the person to respond to the threat actors immediately or else “we will ensure your popularity.” 

In March, Medusa ransomware actors posted the district’s stolen files online after the school system did not pay what the cybercriminals said on a leak site was a $1 million ransom — a markedly lower figure than the $4.5 million the district reported to the FBI. The breached files, according to an analysis by ĂÛÌÒÓ°ÊÓ, include confidential and highly sensitive records about individual students and teachers. 

It wasn’t until September 2023 — seven months after the attack — that 105,617 people were notified the “hacking” incident exposed their sensitive information, according to a data breach notice sent to the Maine attorney general’s office. The notice states that the process to identify that information had been completed in July — a month and a half before officials notified victims.

“Although it has been difficult to not share more information with you sooner,” the letter to victims notes, “the accuracy and the integrity of the review were essential.”

As of Dec. 1, 2024, all schools in Minnesota are now to the state but that information will be anonymous and not shared with the public.

This story was supported by a grant from the Fund for Investigative Journalism.

Minneapolis Public Schools will use the last of its reserves and then some during next school year if it does not make substantial budget cuts or receive additional state or federal revenue. This is according to the district’s , a five year financial projection that the district prepares each year, which was presented to the school board’s finance committee on Tuesday evening.

The district is projecting an $84 million budget deficit in the 2025-26 school year, followed by deficits reaching $100 million in the next four years.

At the end of next school year, the pro forma predicts a general fund balance of -$14.9 million, which is -2.1% of the district’s operating expenses. This is just above the -2.5% that would signify “ and lead to mandated state intervention. If voters approve a $20 million increase in the operating capital levy in November, the -2.5% trigger would still be reached in the 2026-27 school year without additional changes.

Get stories like this delivered straight to your inbox. Sign up for ĂÛÌÒÓ°ÊÓ Newsletter

The dire outlook comes despite the district making more optimistic assumptions about its revenues and costs compared to previous years. The district assumes enrollment will decrease by one percentage point less each year than it forecasted in last year’s pro forma because of a one-time increase in kindergarten enrollment this year. John Clinton, Minneapolis Public Schools’ executive director of finance, told board members he did not know what the district’s current enrollment is, nor the size of the current kindergarten class, when asked.

The district has had a growing number of new to country students enrolling in the district the past two school years. The district does not track immigration status of students, but last year,  it had about 3,700 newcomer students enrolled in the district, most whose home language is Spanish.

The district’s funding is primarily based on enrollment, so higher enrollment projections mean higher revenue for the district.

Newcomer students whose home language is not English receive substantial support from the district to learn English. The state requires the district to provide these services but  to the district. This year, the district expects to  on support for English Learners than it receives in state aid for the services.

In the pro forma, the district assumes that overall its costs will increase at 2% per year, slower than the 4% rate it assumed in last year’s pro forma. The district also assumes that as enrollment declines, the number of licensed teachers it employs will decline, according to Clinton.

The district assumes that it will have an annual 2.5% increase in labor costs, the same assumption it made in its previous pro forma. The most recent contracts with teachers and education support professionals, the district’s two largest employee groups, included annualized cost increases of approximately 12% over the two years of the contracts, a much bigger cost than the projected 2.5%.

The district anticipates ending the current school year with $69 million in its general fund balance. This assumes that it ended last fiscal year with $154 million in its general fund balance, an amount nearly $13 million more than what the district had expected. In monthly financial statements presented to the school board in September, the district showed its general fund balance at the end of last year was about $90 million. Clinton told the board that the fluctuating estimate of the general fund balance is because of how the district is funded.

The school board reaffirmed its policy governing the district’s reserves last spring. This policy requires the district to maintain 8% of its operating expenses in its reserves. Based on its current expenses, this policy means the district must hold about $57 million in its unassigned general fund balance.

To meet its projected fund balance for the end of this fiscal year will require the district to limit its use of reserves to $55 million this year, and have a 4.75% vacancy rate to realize nearly $24 million in vacancy savings. Vacancy savings are funds the district budgets for, but believes it will not spend because it is unable to hire staff to fill the positions. At the school level, the majority of the  are for staff who serve special education students and students who attend Northside schools. The district’s  is 4%.

How the district and school board will balance the budget next school year remains unknown. The pro forma is a financial projection but does not include budget recommendations. The projection sets a baseline for the district administration and board as they develop the budget for the upcoming school year.

This story was originally published on .

Shortly after a dozen gunshots erupted from a stolen red SUV on the northside of Minneapolis this month, emergency dispatchers were notified of the drive-by shooting that shattered a window at the school district’s administrative headquarters. 

District officials promptly reported the shooting to the cops, who briefly halted their chase when they encountered a school bus dropping off students. A second police report, this one from a California-based surveillance company, had also alerted authorities to the ear-piercing pops. 

The incident resulted in the arrest of three teenagers, who were ultimately chased down by cops on foot and a state police helicopter in the air. Shootings and car thefts have surged in Minneapolis over the last several years and, in , Minneapolis Police Chief Brian O’Hara said that out-of-control youth had become “a danger to themselves and to anyone who happens to be around them.” 

Yet in some ways, the teenage arrests were an anomaly: The controversial ShotSpotter surveillance sensors that notified police to the blasts, have found, rarely direct police to the scenes of firearm crimes. Concerns about ShotSpotter false alarms and their disproportionate effects on Black residents didn’t stop the city’s school district from secretly partnering with the company, an investigation by ĂÛÌÒÓ°ÊÓ has revealed. 

For nearly a decade, Minneapolis Public Schools has made northside campus buildings available to bolster a massive surveillance network that peppers neighborhoods with microphones designed to detect, analyze and geolocate gunfire. 

Since at least 2014, the school district has agreed to host nondescript ShotSpotter sensors on the rooftops of campus buildings, according to contracts that were leaked as part of a massive cyber attack on Minneapolis Public Schools earlier this year. Six agreements, signed in 2014 and 2019, authorize the sensors to be mounted atop school buildings “in an ‘out of sight’ fashion. The city maintains the primary contract to station ShotSpotter sensors throughout Minneapolis; the school district simply agreed to host the devices on their property. Last year, the city’s latest contract for the sensors totaled $168,000, according to GovSpend, a database that tracks government procurement. 

Subjected to a relentless stream of mass school shootings, school districts nationwide spend billions of dollars each year on campus security, including on gun-detection hardware. Yet ShotSpotter’s footprint in education remains largely unknown. The locations of the gun-detection sensors in Minneapolis and urban communities nationwide have for years been intentionally hidden.

In the leaked contracts, Minneapolis school officials agreed to withhold from the public information about its participation in the surveillance program. Details about the sensor locations, officials agreed, “cannot be disclosed under any circumstances.”

In Minneapolis, campus ShotSpotter locations were uncovered during ĂÛÌÒÓ°ÊÓ’s investigation into the fallout from the February cyber attack. Highly sensitive information about students and educators, as well as confidential campus security information, were published online in March after the district failed to pay the Medusa cyber gang’s $1 million ransom demand. 

ShotSpotter’s efforts to thwart bloodshed from gun violence is commendable, said Teresa Nelson, the legal director of the American Civil Liberties Union of Minnesota. But, she said, privacy and racial disparities in ShotSpotter locations, as well as reports calling into question the sensors’ effectiveness, outweigh their potential benefits. And efforts to withhold the school district’s ShotSpotter agreement from the public, stifle resident’s ability to engage in conversations about how to keep their communities safe, Nelson said.

Ultimately, “it adds a layer to the idea of policing in our schools” that could be problematic, she said. ShotSpotter coverage of schools, she worried, could send police who are “ready for an extremely dangerous confrontation” to campuses “for no reason” due to false alarms from fireworks, backfiring cars and other loud noises. 

“That changes the tenor of policing in that area,” she said. “Police have tremendous power and so the community is entitled to know how they’re using that power and how they’re using new technologies that allow them to effectively conduct general mass surveillance.”

The Minneapolis school district didn’t respond to multiple requests for comment. The district has been criticized for not sharing more information with the public about the nature and extent of the breach — on its website is from April 11. It declined interview requests from ĂÛÌÒÓ°ÊÓ for a May 15 investigation about the breach of closely guarded campus security information and didn’t respond to questions for a May 5 article on the leak of highly sensitive information about students and staff.

In an email, Minneapolis Police Department spokesperson Garrett Parten declined to disclose the number of ShotSpotter sensors deployed across Minneapolis, adding that the company selects installation locations. The technology, he said, “has been an excellent tool in aiding the quick location of shooting victims” so they can receive medical attention “when seconds count.”

“In general, ShotSpotter pinpoints the location of gunfire,” Parten said. “This allows officers to respond directly to a location rather than doing a grid search looking for evidence. As such, officers are able to quickly locate and secure evidence that might otherwise be removed, compromised, or missed altogether.”

Thomas Chittum, the senior vice president of analytics and forensic services at ShotSpotter owner SoundThinking, said the data breach in Minneapolis is a rare occurrence but the publicly traded company is taking the incident seriously. Though the sensors are regularly placed on municipal buildings like police departments and schools, he declined to specify how many are stationed on campuses in Minneapolis or nationwide. Sensor locations are confidential, he said, to prevent vandalism, retaliation against businesses and agencies that agree to host the devices, and efforts by gunmen to get around the system. 

“Now that these things are known publicly, we have to assess whether or not we think it poses a risk to the efficacy of the system,” said Chittum, who retired last year as acting deputy director of the federal Bureau of Alcohol, Tobacco and Firearms. “The sensors are not hard to relocate but we’ll have to assess whether or not that’s feasible and necessary.”

Few arrests, little evidence of gun-related crimes 

Researchers and civil rights groups have warned for years that the technology, which is disproportionately deployed in communities of color, could do more harm than good by routinely sending militarized police into high alert over false alarms. SoundThinking maintains that its ShotSpotter sensors are 97% accurate.

The on ShotSpotter’s efficacy, published in 2021 in the peer-reviewed Journal of Urban Health, reported dismal findings. The analysis of ShotSpotter in 68 metropolitan counties from 1999 to 2016 found the sensors had no significant impact on firearm-related homicide rates or arrest outcomes. 

ShotSpotter deployments have been especially contentious in Chicago, where the sensors are disproportionately installed in neighborhoods with large percentages of Black residents. In , ShotSpotter alerts send Chicago police to locations where they failed to find evidence of gun crimes, according to research by the MacArthur Justice Center at Northwestern University’s law school. Between April 2021 and April 2022, , 90% of ShotSpotter dispatches failed to find evidence of guns. In a 2022 lawsuit, the group that enables discriminatory policing without a clear public safety benefit. 

from the city’s Office of Inspector General, published in 2021, reached similar results, concluding that the alerts rarely produced evidence of gun-related crimes, investigatory stops or recovered firearms. Yet the sensors led police to make more aggressive stops in certain neighborhoods, the office found, offering fodder for advocates who argue the devices  lead to the over-policing of Black residents. 

In a, researchers called the MacArthur analysis “misleading” and concluded that, “based on client reports,” ShotSpotter sensors were 97% effective in detecting gunfire. 

Chittum said the sensor locations are selected based on historical crime data and rejected advocates’ concerns over racial disparities. 

“The people that balk at the idea that you would deploy public safety infrastructure in the place where it could do the greatest good boggles my mind,” he said. “Of course you’re going to deploy it in the place where it’s most likely to help the people that have had the greatest impact from gun violence. I just don’t understand why you wouldn’t want law enforcement to know about shootings that occur in those neighborhoods.”

While the City of Chicago has long been a key ShotSpotter customer and former Democratic mayor Lori Lightfoot called the tool “a lifesaver,” . New progressive Mayor Brandon Johnson campaigned on a promise to end the city’s $33 million ShotSpotter contract, vowing to instead “invest in new resources that go after illegal guns without physically stopping and frisking Chicagoans on the street.” After Johnson’s election, the more than 25%.

After weighing the costs against their benefits, officials in several cities — including , and — have ended their ShotSpotter subscriptions. In San Antonio, officials spent more than $500,000 for the sensors, an expenditure that led to four arrests and seven weapons seizures . 

Similarly in Minneapolis, ShotSpotter alerts have rarely led to arrests or evidence of gun-related crimes, . An analysis found that Minneapolis police responded to about 8,500 ShotSpotter activations from January 2020 to September 2021. About 80% of the time, police didn’t locate evidence of a gun-related crime and only 32 activations — less than 1% of the total — led to an arrest.

On one occasion, in 2012, the city on New Year’s Eve because the system became overwhelmed by alerts from the blasts of fireworks. 

‘Still losing our young people’

The six Minneapolis campus ShotSpotter locations disclosed in the breach are clustered in the city’s northside. Districtwide, about a third of Minneapolis students are Black. At the campuses where ShotSpotter sensors were disclosed, nearly two-thirds of students are Black. 

The roughly 33,000-student district operates just shy of 100 schools. It’s unclear whether the devices were placed at a limited number of district locations or whether information about other campuses that serve as ShotSpotter hosts were spared in the data leak. Though police said ShotSpotter alerted them to the recent drive-by shooting — along with calls from educators — the leaked contracts don’t outline a sensor location at the district’s administrative offices. 

While the specific locations of ShotSpotter sensors citywide haven’t been publicly disclosed, residents are well aware of their presence in certain neighborhoods, said Marika Pfefferkorn, a Twin Cities-based student privacy advocate and executive director of the Midwest Center for School Transformation. Yet the devices, she said, haven’t done enough to keep people safe. 

“It’s not preventing the shots (from being) fired,” Pfefferkorn said. “We’re still losing our young people.”

In Minneapolis, homicides have surged by 166% since 2019 and the number of gunshot victims has more than doubled, . More than four-fifths of shooting victims in the city are Black, according to the data, as are 89% of suspects. 

Outside Minneapolis, three school districts — one in Texas and two in Massachusetts — have purchased ShotSpotter services, according to GovSpend.

In 2021, the Newark, New Jersey, school district agreed to install the sensors on 30 school buildings in predominantly Black neighborhoods, . Information about the agreement was removed from the school system’s website after the school board received an email inquiry from the education news outlet. 

In a 2022 email also exposed in the Minneapolis data breach, a ShotSpotter employee declined to disclose to a school district facilities official the on-campus locations of its censors, arguing that could allow the information to “fall into the wrong hands.” 

“If the location of all sensors became known to the public,” the employee wrote, “criminals would have the capability to disable the gunshot location and detection functionality of the system, or otherwise seriously compromise the law enforcement utility of the system.”

As communities nationwide debate efforts to bolster security in school buildings, parents are demanding a seat at the table, said Kenneth Trump, president of the Cleveland-based National School Safety and Security Services. 

“Parents expect authentic, transparent communication from school officials,” he said. When schools and cities equip communities with emerging security technology, officials “had better be transparent about expectations and limitations, and I’m not sure that’s occurring.” 

Ultimately, it’s up to the City of Minneapolis to assess whether the sensors work as intended, said Nelson of the ACLU’s Minnesota chapter. 

“Without strict limitations and auditing, we can never really be certain that it’s not being abused,” she said. “There needs to be more transparency and more assurances that it’s not going to be abused.”

It took two years of middle school girls accusing their Minneapolis English teacher of eyeballing their bodies in a “weird creepy way,” for district investigators to substantiate their complaints.

Their drawn-out response is revealed in confidential and highly sensitive Minneapolis Public Schools investigative records that are now readily available online — just one folder in a trove of tens of thousands of leaked files that outline campus rape cases, child abuse inquiries, student mental health crises and suspension reports. 

The files, purportedly stolen from the Minneapolis school district, first appeared online in March, just days after a ransomware gang named Medusa announced the school system failed to pay $1 million to keep its information from getting posted to the web. 

In a leaked 2018 email, a district official seems to make light of the frequency of civil rights complaints after several girls accused their high school Arabic teacher of inappropriate touching. 

“When it rains, it pours, I guess!” the district official wrote. In other documents, an educator was accused of buying a colleague a lap dance during an afterwork outing to a strip club and, in a separate incident, a district technology specialist was accused of hacking into a girl’s social media to stalk her on a date. The veracity of the files hasn’t been confirmed by Minneapolis schools but by all appearances, they expose a shocking degree of information about current students and staff. 

The information is so searingly personal that attorney and student privacy consultant Amelia Vance said she would have a hard time strategizing a mitigation response. 

“I’m an expert in this and I have no idea,” Vance, president of the Public Interest Privacy Center, told ĂÛÌÒÓ°ÊÓ. 

The records were uncovered in an analysis by ĂÛÌÒÓ°ÊÓ of a cache of files reportedly stolen from Minneapolis schools and uploaded to the internet after the district fell victim to what it euphemistically described as an “encryption event.” The Medusa gang, a that adopts a clumsy, perhaps youthful online persona, ultimately took credit for the February breach that led to . 

The vast records — more than 189,000 individual files totaling 143 gigabytes — also offer a remarkable level of raw insight into the district’s civil rights investigation process for sexual assault and racial discrimination complaints and detailed information on campus security and other district operations that many school systems seek to keep under wraps. In total, they highlight the attack’s severity and the extent to which students’ and employees’ sensitive information is vulnerable to abuse. 

Minnesota-based student privacy advocate Marika Pfefferkorn said she’s already heard from multiple concerned parents whose children had their sensitive information caught up in the breach, but that district officials have failed to communicate with them about their concerns. 

“One of the reasons we have had so many parents reach out to us is because the information (the district) has posted on their website is just like nothing,” Pfefferkorn said. “It’s like it was an afterthought.” 

She’s also struggled to give meaningful advice to anxious parents who need help. 

“The conversation that we’re having is like, ‘Your information is going to be out there forever, and the impression of you is also going to be out there forever,’” she said. “I don’t know the advice that I need to be giving them other than, ‘You need to be aware of what’s happening and communicate with the district what your expectations are.” 

‘A rock over their head’

While the oldest breached records span back to at least 2018, the most recent files, including several related to confidential civil rights cases, are from earlier this year. Some of the files — which were previewed in a 50-minute video — can be read with little more than a Google search. 

The way the files were uploaded is “part of what makes this incident so heartbreaking and extraordinary,” Vance said. 

Breaking from standard procedure for data leaks, the stolen Minneapolis records weren’t published to the dark web. Instead, as ĂÛÌÒÓ°ÊÓ first revealed, download links were published to Telegram, the encrypted instant messaging service, and a faux technology news blog that appears to have direct ties to the ransomware attackers. Unlike breaches posted to the dark web, which require special tools and some know-how to access, Vance said “this information is easier to access and potentially easier for people to have follow them around for the rest of their lives.”

The files include district financial records, educators’ Social Security numbers and other documents that have long been targets for cyber criminals looking to facilitate identity theft. Yet Vance said the real harm — and a distinguishing feature — of the Minneapolis breach is the sheer volume of compromising information about students and staff that has been exposed. 

The district didn’t respond to a list of questions from ĂÛÌÒÓ°ÊÓ. In its , from April 11, interim Superintendent Rochelle Cox said it has completed a review of data “posted online on March 7 and has contacted many individuals whose information was accessible as a result of this event.” While a small subset of the data was previewed in a video in early March, a download link for the complete archive of stolen district records didn’t become available until late March. Cox said the district is working with “external specialists and law enforcement” to review data posted after March 7, but does “not have the results of that investigation.” 

Because the harm from ransomware attacks have long been framed through the lens of identity theft and fraud, robust protections are now in place to help the victims of financial crimes, Vance noted. Parents can freeze their children’s credit. People can also cancel any credit cards that get caught up in a breach, and districts regularly provide identity theft protection to data breach victims. 

After the release of highly sensitive information, she said there are no clear remedies for something that could be potentially life altering for victims.

“This becomes a rock over their head for their entire life: ‘When is someone going to find out about the worst thing that ever happened to me?’” Vance said. “If I were a parent dealing with this, what on earth do you do next?” 

‘Potentially catastrophic’ 

Federal law enforcement officials have long advised school districts and other cybercrime victims against paying ransom demands, but the sheer volume and sensitive nature of the breached Minneapolis files has left some experts questioning whether the district made the right call by refusing to pay up. 

“There are circumstances where — if you’re looking at it from a question of, ‘How do you reduce potential harm and risk and danger to your school community,’ — then doing the unsavory is perhaps the correct choice,” said Doug Levin, the national director of the K12 Security Information Exchange.

Officials generally warn against paying ransoms for several reasons: Negotiating with known criminals may not produce the desired outcome, and offering payments helps finance future crimes. But in this case, Levin said the Minneapolis district was presented with a difficult choice. Even before the records were posted online, the group took extraordinary steps — including uploading a video to Vimeo — to publicize sensitive records in what appeared to be a particularly aggressive bid to coerce payment. 

Given how current and diverse the stolen records are, Levin and other experts suspect Medusa infiltrated multiple live computer systems. The freshness of the files, Levin said, means their content may still be accurate and, for bad actors, actionable. 

Calling the Minneapolis breach a “worst-case scenario,” he said, “The amount of information that was taken and the recency and the scope of it is certainly deeply troubling.”

Minneapolis may be a cautionary tale for districts nationwide who have fallen prey to money-hungry ransomware gangs leveraging “double-extortion” attacks against schools, hospitals and businesses. In such incidents, which present an alarming evolution from previous strategies, threat actors gain access to a victim’s computer network, download compromising records and lock the files with an encryption key. Criminals then demand their victim pay a ransom to regain control of their files. Then, if the money doesn’t materialize, they sell the data or publish it to a leak site. 

Ransomware attacks on U.S. schools have become a primary concern for federal law enforcement officials this year. In January, the federal Cybersecurity and Infrastructure Security Agency in attacks with “potentially catastrophic impacts on students, their families, teachers and administrators.” Since the pandemic forced students into remote learning, district cyber attacks have been particularly acute. The number of publicly disclosed cybersecurity incidents affecting schools grew from 400 in 2018 to more than 1,300 in 2021, according to that relies on data from Levin’s group. 

Federal law enforcement officials have had several recent victories in tracking down cybercriminals. BreachForums, a popular dark web marketplace where people could buy stolen data, was shuttered after Federal Bureau of Investigation agents in March. The capture of the 20-year-old, who authorities allege operated the forum from his parents’ Peekskill, New York, house, sent shock waves through the cybersecurity community and disrupted the global cybercrime ecosystem. In January, federal authorities took control of a prolific ransomware gang’s leak site and against seven men connected to a Russian-based ransomware group known to target schools. 

In Washington, pending introduced last month seeks to better track cyber incidents in schools and would provide $20 million over two years to help affected systems recover. 

Last year, the school district in Los Angeles, the country’s second largest, suffered a massive ransomware attack that exposed a trove of compromising information about educators, students and district contractors. In response to investigative reporting by ĂÛÌÒÓ°ÊÓ, the Los Angeles district acknowledged the breach included the sensitive mental health records of at least 2,000 current and former students after publicly denying those records were exposed. Last month, data from the Rochester, Minnesota school district was breached after it that forced leaders to cancel classes. shuttered Des Moines, Iowa, schools in January. 

Swift action needed

Taken together, the leaked Minneapolis records offer a startling quantity of compromising information about students and teachers. They also include detailed records about campus security systems that school officials said could place children and educators at a heightened risk of physical danger. 

A single spreadsheet details 699 disciplinary incidents from the 2015-16 school year, listing students’ names and a brief description of incidents. One entry claimed a student was “threatening other students’ mothers,” and another claimed a student put his hands together in the shape of a gun and said “I’m bringing a gun to school tomorrow and shoot.” 

Each of the spreadsheet entries contain pinpoint demographic information about individual students, including their race, gender, whether they’re in special education, if they’re homeless or are learning English as a second language. 

One group of files include letters informing disciplined students they could face trespassing charges if they show up on campus, while another includes reports of student maltreatment, including allegations a bus driver hit a student and that a teacher used excessive force. 

Such records could be valuable for blackmail — and for the police. In 2020, for example, a Florida county sheriff’s office used sensitive student records to predict which ones were likely to “fall into a life of crime.” In other cases, police agencies have leaked in data breaches to conduct investigations. 

A separate group of Minneapolis records, purportedly from 2015 to earlier this year, outline nearly 300 individual district equity and civil rights investigations. 

In one case, district investigators found that over the course of several years, a boy coerced a classmate into sexual encounters in exchange for $5 and, in another case, a high school girl reported getting raped in a campus bathroom. In a detailed 2018 complaint, a high school girl accused a male classmate of raping her in a car after a home football game. Yet a district investigator ultimately dropped the complaint because the girl declined an interview and the official was “unable to ascertain her credibility based only on her written statement,” according to breached files. 

In multiple complaints, educators were accused of being racist. Just last year, an English as a second language teacher at a Minneapolis high school was accused of racial harassment when she reportedly used the name of a Somali student and a cartoon of a woman wearing a hijab in a class presentation. The slide defined the idiom “to have a bone to pick” and the teacher reportedly asked the student to read to the class a description of the term with her name attached: “(redacted) never comes to class on time; she leaves class without permission, is affecting her peers, her grades and is disrespectful to her peers.” 

In January, a complaint accused a high school coach of making a transphobic joke and openly discussed his genitals. While he was stretching in front of a group of female athletes, the complaint alleges, he warned them that he was wearing “very short shorts” and instructed them to “let me know if my junk falls out.” 

In a case from January, the middle school English teacher accused of gazing at students’ bodies and touching them inappropriately was placed on paid administrative leave while district investigators conducted their inquiry. Investigators determined the complaint was substantiated, but the middle school’s website still lists the teacher in its staff directory. A district spokesperson did not respond to questions about whether the teacher faced disciplinary action or his current status.

Given the many ramifications, Levin said the breach demands swift action to ensure the safety of the school community and to prevent something like this from happening again. He said the Minneapolis school board — or even state authorities — need to launch a prompt investigation. 

“States do intervene in school systems when they’re being financially irresponsible or even academically irresponsible,” Levin said. “It may be that Minneapolis is not equipped to deal with the fallout from an incident like this.” 

A download link was published Tuesday night on a website designed to resemble a technology news blog — an apparent front — and, by Wednesday morning, download links began to appear on Telegram, the encrypted instant messaging service that’s been and . ĂÛÌÒÓ°ÊÓ is still working to confirm the contents of the large, roughly 92-gigabyte file.

Still, the available download is significantly smaller than the 157 terabytes — there are 1,000 gigabytes in one terabyte — the Medusa ransomware gang claims it stole from the district, according to a file tree posted this month to the criminal group’s dark web blog. That file tree suggests the records contain a significant amount of sensitive information, including student sexual violence allegations, district finances, student discipline, special education, civil rights investigations, student maltreatment and sex offender notifications. 

“Today, the hacker group ‘Medusa’ gave me data for publication that will become a hit,” notes a post on the faux technology news blog, which appears to have a direct tie to the ransomware group. The author offered a rant accusing district leaders of failing to maintain sufficient data security procedures while attempting to distance himself from illegal activities.

“Someone will tell me that this cannot be published. I will answer this simply — the only way to change rotten systems is to publicly show that they are extremely unsuitable for further use. If you don’t focus on the problems, they accumulate. I hope that the board of trustees of this organization will make the right decision on the current management of the organization.” 

Though the full scope of the breach remains unclear, current and former Minneapolis families and district employees should take immediate steps to protect themselves, cybersecurity experts said. 

“If I was a parent at this school district, or a teacher, I would assume that my data and information had been compromised and act accordingly,” said Brett Callow, a threat analyst with the cybersecurity company Emsisoft. Identity theft is a primary risk that data breach victims face, Callow said, so people should consider freezing their credit and “at the very least, being extra vigilant and looking more closely at your transactions than you normally would.” 

It’s also a good time for people to implement two-factor authentication on accounts when possible and avoid reusing passwords across multiple services, said Doug Levin, an expert in K-12 cybersecurity incidents and national director of the K12 Security Information eXchange

Yet for people whose sensitive personal records are now available, including those related to student sexual misconduct incidents, experts said, there are no easy remedies. Potential victims should consider seeking mental health counseling, Levin said, or to create an action plan if they become the target of harassment. 

“Once that genie is out of the bottle, it is very difficult to get it back in,” Levin said. “I don’t know what the school district could do to comfort those individuals or even provide them a recourse. Credit monitoring is not going to be helpful. What is at risk is their well-being, their reputation.” 

The Minneapolis district, which has been criticized for how it publicly communicated information about a ransomware attack it first referred to as an “encryption event,” that the ransomware group had released the stolen records on the dark web, “a part of the internet accessible only with special software that allows users to remain untraceable.” 

“We are working with cybersecurity specialists to quickly and securely download the data so that we can conduct an in-depth and comprehensive review to determine the full scope of what personal information was impacted and to whom the information relates,” the district update continued. 

However, that statement appeared premature. After a countdown clock reached zero on Medusa’s dark web blog Friday, the files weren’t readily available for download. Instead, a “Download data now!” button directed users to contact the gang through an encrypted instant-messaging protocol. 

District officials didn’t respond to requests for comment from ĂÛÌÒÓ°ÊÓ Wednesday. Attempts by ĂÛÌÒÓ°ÊÓ to reach the gang have been unsuccessful. 

Instead of uploading district files to the dark web blog, a download link to the Minneapolis data is available in the Telegram channel and on the faux tech news blog, which is not relegated to the dark web, does not require special tools to access and can be found through a Google search. The site also includes a 50-minute video offering a preview of files within the gang’s possession. 

In posting the download link to the “clearnet” — a publicly accessible website that’s indexed by search engines — Medusa may have lowered the technical bar for people who are interested in downloading and viewing the stolen records. But at some 92 gigabytes, Levin said the file’s size may serve as a barrier to access to cyber criminals interested in exploiting the information — and to district officials who are investigating the breach and attempting to alert those whose information has been exposed.

Comments on the Telegram channel suggest there is interest in the stolen records. Since last week, Telegram users have questioned when the file download would become available. By Wednesday afternoon, Telegram posts with links to the district data amassed more than 400 views. Viewing the links doesn’t necessarily mean the data was downloaded.

“Hey, how can I see the mps stuff,” one Telegram user asked in the ransomware group’s channel. “I”m hoping I’m not on there. I attend school and work at this district.” 

The Telegram user, who identified themselves to ĂÛÌÒÓ°ÊÓ as an 18-year-old Minneapolis high school student, said they were trying to download the data due to concerns that it could contain their Social Security number or other sensitive information. 

Among a list of safety precautions, the district has urged the community to refrain from downloading the breached data, arguing that doing so “plays into the cybercriminals’ hands by drawing attention to the information and increasing our community’s fear and panic.” 

The district has also warned people against responding to suspicious emails or phone calls due to phishing risks and urged people to change their passwords. On Friday, the district said it was working to identify which records were compromised and planned to notify affected individuals at the end of a process that “will take some time.” 

Callow said that ransomware victims should take a proactive approach to notifying those whose data was potentially stolen, rather than waiting until investigations are concluded. 

“I would much prefer to see organizations preemptively warn people that their data may have been compromised so that they can be cautious. Forewarned is forearmed, as they say,” Callow said. “If my personal information may have been compromised, I would want to know straight away.”

Early Friday morning, after the Medusa gang’s countdown clock on the ransom deadline struck zero, the files weren’t readily available for download on its dark web leak site. Instead, a “Download data now!” button directs users to contact the ransomware gang through an encrypted instant-messaging protocol. Attempts by ĂÛÌÒÓ°ÊÓ to reach the gang have been unsuccessful.

Files from previous Medusa victims are available on a website designed to resemble a technology news blog — a front of sorts. Unlike the Medusa blog, this site is not relegated to the dark web and does not require special tools to access. Download links are also posted in a channel on Telegram, the encrypted social media service that’s been and . Yet as of Friday afternoon, the files purportedly stolen from the Minneapolis district were not available for download on either platform. 

Data breaches from previous victims appear to be uploaded to the faux technology news blog about a month after their ransom expires, suggesting that the Minneapolis files could become available online after a brief lag. 

Still, in a statement on Friday, the district said it “is aware that the threat actor has released certain MPS data on the dark web today.” 

“We are working with cybersecurity specialists to quickly and securely download the data so that we can conduct an in-depth and comprehensive review to determine the full scope of what personal information was impacted and to whom the information relates,” the district continued. “This will take some time. You will be contacted directly by MPS if our review indicates that your personal information has been impacted.” 

Early indications suggest the files contain a significant volume of sensitive information about students and staff. Leading up to the Friday deadline, Medusa posted a short-lived video to Vimeo that previewed the files in its possession and published a file tree on its dark web blog that purportedly showed the names of the compromised documents. The file tree suggests those records involve student sexual violence allegations, district finances, student discipline, special education, civil rights investigations, student maltreatment and sex offender notifications. As of Friday afternoon, the dark web blog post showing the file tree had amassed more than 3,100 page views. 

Should the files become available at some point, an analysis of the file tree points to the trove of stolen records being extensive. The file tree lists more than 172,000 individual records including large backup files. Though it’s unclear how many of the documents contain personally identifiable information and other sensitive data, the files add up to a startling 157 terabytes. 

“Yikes, that’s a lot,” said Doug Levin, an expert in K-12 cybersecurity incidents and national director of the K12 Security Information eXchange. “It’s a very significant exfiltration.” 

By comparison, last year the Los Angeles Unified School District suffered a ransomware attack and a cache of stolen district files — including thousands of current and former students’ sensitive mental health records — were uploaded to a dark web leak site. The files in that leak, which drew national attention to cybersecurity vulnerabilities in K-12 schools, total some 500 gigabytes. There are 1,000 gigabytes in one terabyte. 

The records stolen from the Los Angeles school district could fit on the hard drive of just one laptop. The scope of records stolen in Minneapolis, meanwhile, are more akin to “entire IT systems,” said Levin, who was especially concerned about the breach of district backup files. “You’re probably looking at some of the more sensitive data that the district maintains — sensitive enough that they are backing it up and maintaining those files.” 

The data leak deadline comes a little more than a week after Medusa listed the district on its dark web blog and two weeks after Minneapolis school officials attributed with its computer system to an “encryption event.” That euphemistic characterization left the public in the dark about the incident’s severity, cybersecurity analysts and community members said.

Such experts said Medusa’s pre-leak efforts were a particularly aggressive attempt to increase public attention around the attack and coerce the district to meet its ransom demand. 

Medusa’s decision to upload its stolen files to the faux technology news blog is likely a tactic to elevate the privacy risks to potential data breach victims and convince hacked organizations to pay the ransom, said Brett Callow, a threat analyst with the cybersecurity company Emsisoft. 

Despite Medusa’s extensive steps to publicize the ransomware attack prior to the Friday deadline, the group has been  “unusually uncommunicative,” since the clock struck zero and its dark web blog listed the Minneapolis records as published, Callow said. The cyber expert said he also reached out to the group Friday to inquire about the Minneapolis breach but didn’t receive a response. 

People who don’t work in cybersecurity may not know how to access dark web sites, he said, while the technology news blog is more accessible to the general public. Therefore, dark web sites “would concern organizations less than the data being released from the “clearnet” where it is easily accessible and links to it can be shared via Twitter and other social platforms. It’s much easier for people to access.”

Callow agreed the volume of data purportedly stolen from the Minneapolis district constitutes an outlier among ransomware attacks — but he offered a caution. 

“Just because they published a file tree doesn’t mean they necessarily obtained all of the data it shows in that tree,” he said, noting that organizations like school districts can shut hackers out of their systems if they’re caught in the act. 

In a March 9 statement, the district said it had “taken a stance against these criminals and has fully restored our systems without the need to cooperate with the criminal.” 

During a school board meeting Tuesday, interim Superintendent Rochelle Cox said the district’s computer network “was infected with an encryption virus that was first discovered” Feb. 18. Secure backups allowed the district to restore many of its systems, Cox said, and while sensitive data has now been released publicly, the district is unaware of any evidence that the information has been leveraged by criminals to commit fraud. Once the district identifies impacted individuals, Cox said it will provide them with credit monitoring and identity protection services. 

Yet as Cox credited the district’s technology department for responding swiftly to restore district systems after the attack, Levin, the K-12 cybersecurity expert, said the sheer volume of files purportedly stolen point to the threat actors possibly lurking around inside the MPS computer systems for weeks — if not months. 

“Exfiltrating this amount of data without detection certainly is concerning,” Levin said. “This sort of mass exfiltration is something that cybersecurity experts look for when they are defending systems and this is certainly not something that is downloaded in an hour or two.”

As the district works to analyze the scope of the attack, it’s advising district families and staff to avoid interacting with suspicious emails or phone calls, to change their passwords and warned them against downloading any data released by cyber criminals because it plays into their hands “by drawing attention to the information and increasing our community’s fear and panic.” 

The will air after a countdown clock on the Medusa cyber gang’s dark web leak site strikes zero at about 4 a.m. ET Friday. The leak site suggests the Minneapolis school district’s window to meet a $1 million ransom demand will then close and a trove of district data, which appears to include a significant volume of sensitive student and educator records, will become available online.

ĂÛÌÒÓ°ÊÓ’s earlier reporting documented that Medusa’s tactics, which included posting a since-removed video previewing what appeared to be the stolen documents in its possession, were more aggressive and more marketing-savvy than those generally seen in other school district cyber attacks. 

A preliminary review of the gang’s dark web leak site by ĂÛÌÒÓ°ÊÓ suggest the compromised files include a sizable volume of sensitive documents, including records related to student sexual violence allegations, district finances, student discipline, special education, civil rights investigations, student maltreatment and sex offender notifications.

The Minneapolis Public Schools, which came under fire for referring to the February breach as an “encryption event,” has not released any additional information since a March 9 statement posted on its web site. In it, school leaders indicate they don’t intend to deal with Medusa to get their now-encrypted data back.

“We have taken a stance against these criminals and are restoring our systems without the need to cooperate with them. As our response continues, we continue to work with and align with the best practices provided by federal law enforcement.”

Medusa is apparently a popular name among threat actors. The group that struck Minneapolis schools, according to , Bleeping Computer,  got its start in June 2021, but upped its profile this year by increasing its ransomware activity and launching its ‘Medusa Blog’ leak site to publish victims’ data.

A ransomware gang called Vice Society attempted to extort the Los Angeles Unified School District last year after it broke into the district’s computer network and made off with some 500 gigabytes of district files. When the district refused to pay an undisclosed ransom, Vice Society uploaded the records to its dark web leak site. 

District officials sought to downplay the attack’s effects on students. But an investigation by ĂÛÌÒÓ°ÊÓ found thousands of students’ comprehensive and highly sensitive mental health records had been exposed. The district then acknowledged Feb. 22 that some 2,000 student psychological assessments — including those of 60 current students — had been leaked.

While districts nationwide have become victims in in the last several years, cybersecurity experts said the extortion tactics leveraged against the Minneapolis district are particularly aggressive and an escalation of those typically used against school systems to coerce payments.

In a dark web blog post and an online video uploaded Tuesday, the ransomware gang Medusa claimed responsibility for conducting a February cyberattack — or what Minneapolis school leaders euphemistically called an “encryption event” — that led to . The blog post gives the district until March 17 to hand over $1 million. If the district fails to pay up, criminal actors appear ready to post a trove of sensitive records about students and educators to their dark web leak site. The gang’s leak site gives the district the option to pay $50,000 to add a day to the ransom deadline and allows anyone to purchase the data for $1 million right now.

On the video-sharing platform Vimeo, the group, calling itself the Medusa Media Team, posted a 51-minute video that appeared to show a limited collection of the stolen records, making clear to district leaders the sensitive nature of the files within the gang’s possession. 

“The video is more unusual and I don’t recall that having been done before,” said Brett Callow, a threat analyst with the cybersecurity company Emsisoft. 

A preliminary review of the gang’s dark web leak site by ĂÛÌÒÓ°ÊÓ suggest the compromised files include a significant volume of sensitive documents, including records related to student sexual violence allegations, district finances, student discipline, special education, civil rights investigations, student maltreatment and sex offender notifications. 

The video is no longer available on Vimeo and a company spokesperson confirmed to ĂÛÌÒÓ°ÊÓ that it was , which prohibits users from uploading content that “infringes any third party’s” privacy rights. 

As targeted organizations decline to pay ransom demands in efforts to recover stolen files, Callow said the threat actors are employing new tactics “to improve conversion rates.”

“This is likely just an experiment, and if they find this works they will do it more frequently,” Callow said. “These groups operate like regular businesses, in that they A/B test and adopt the strategies that work and ditch the ones that don’t.” 

Here’s a snippet of the video’s introduction (with all sensitive records omitted):

The Minneapolis school district hasn’t acknowledged being a ransomware victim, while Callow and other cybersecurity experts have been harshly critical of how it has disclosed the attack to the public. In , the district attributed “technical difficulties” with its computer systems to the referenced “encryption event,” a characterization that experts blasted as creative public relations that left potential victims in the dark about the incident’s severity. 

The district “has not paid a ransom” and an investigation into the incident “has not found any evidence that any data accessed has been used to commit fraud,” school officials said in the March 1 statement.  

In a statement to ĂÛÌÒÓ°ÊÓ Tuesday, the district said it “is aware that the threat actor who has claimed responsibility for our recent encryption event has posted online some of the data they accessed.” 

“This action has been reported to law enforcement, and we are working with IT specialists to review the data in order to contact impacted individuals,” the statement continued.

Minnesota-based student privacy advocate Marika Pfefferkorn called on the district to be more forthcoming as it confronts the attack. 

“First and foremost, they owe an apology to the community by not being explicit right away about what was happening,” said Pfefferkorn, executive director of the Midwest Center for School Transformation. “Because they haven’t communicated about it, they haven’t shared a plan about, ‘How will you address this? How will you respond?’ Not knowing how they are going to respond makes me really nervous.”

School cybersecurity expert Doug Levin, the national director of the K12 Security Information eXchange, said that district officials appear to have coined the term “encryption event,” but available information suggests the school system was the victim of “classic double extortion,” an exploitation technique that’s become popular among ransomware gangs in the last several years. 

With its video and dark web blog, Medusa may have spent “a little more time and energy” than other ransomware groups in presenting the stolen data in a compelling package, “but the tactics seem to be the same,” Levin said. “Now that we have a group coming forward with compelling evidence that they have exfiltrated data from the system and it’s actively extorting them, that’s all I would need to know to classify this as ransomware.”

In double extortion ransomware attacks, threat actors gain access to a victim’s computer network, download compromising records and lock the files with an encryption key. Criminals then demand their victim pay a ransom to regain control of their files. Then, if a ransom is not paid, criminals sell the data or publish the records to a leak site. 

Such a situation recently played out in the Los Angeles Unified School district, the nation’s second-largest school system. Last year, the ransomware gang Vice Society broke into the district’s computer network and made off with some 500 gigabytes of district files. When the district refused to pay an undisclosed ransom, Vice Society uploaded the records to its dark web leak site. 

District officials have sought to downplay the attack’s effects on students. But an investigation by ĂÛÌÒÓ°ÊÓ found thousands of students’ comprehensive and highly sensitive mental health records had been exposed. The district then acknowledged Feb. 22 that some 2,000 student psychological assessments — including those of 60 current students — had been leaked.

Districts that become ransomware targets could face significant liability issues. Earlier this month, the education technology company Aeries Software a negligence lawsuit after a data breach exposed records from two California school districts. District families accused the software company of failing to implement reasonable cybersecurity safeguards. 

Federal authorities have made progress in curtailing cybercriminals. In January, authorities seized control of a prolific ransomware gang’s leak site and earlier this month officials with ties to a Russian-based ransomware group that’s known to target schools. 

At least 11 U.S. school districts have been the victims of ransomware attacks so far in 2023, according to Emsisoft research. Last year, 45 school districts and 44 colleges. 

In Minneapolis, a lack of transparency from the district could put affected students and staff at heightened risk of exploitation, Emsisoft’s Callow said. 

“There absolutely are times when districts have to be cautious about the information they release because it is the source of an ongoing investigation,” he said. “But calling something a ransomware incident as opposed to an encryption event really isn’t problematic. Nor is telling people their personal information may have been compromised.”

Pfefferkorn, the Minneapolis student privacy advocate, said she’s concerned about the amount of data the school district collects about students and worries it lacks sufficient cybersecurity safeguards to keep the information secure. She pointed to Minneapolis schools’ since-terminated contract with the digital student surveillance company Gaggle, which monitors students online and alerts district officials to references about mental health challenges, sexuality, drug use, violence and bullying. 

The district said it adopted the monitoring tool in a pandemic-era effort to keep kids safe online, but the unauthorized disclosure of Gaggle records maintained by the district could make them more vulnerable, she said. 

There’s little recourse, she said, for students and educators whose sensitive records were already leaked by Medusa. 

“It’s already out there and that cannot be repaired,” she said. “There’s information out there that’s going to impact them for the rest of their lives.”

Hours after the publication of this article Friday, The Trevor Project announced in a tweet it would return a $25,000 donation from the student surveillance company Gaggle, acknowledging widespread concerns about the monitoring tool’s “role in negatively impacting LGBTQ students.”

“Our philosophy is that having a seat at the table enables us to positively influence how companies engage with LGBTQ young people, and we initially agreed to work with Gaggle because we saw an opportunity to have a meaningful impact to better protect LGBTQ students,” the nonprofit said in the statement. “We hear and understand the concerns, and we hope to work alongside schools and institutions to ensure they are appropriately supporting LGBTQ youth and their mental health.” 

The move came after widespread condemnation on social media, with multiple supporters threatening to pull their donations to The Trevor Project moving forward. 

In a Friday statement, Gaggle spokesperson Paget Hetherington said the company wanted The Trevor Project’s “guidance on how to do what we do better.” The company also where it previously touted the partnership. 

“We’re disappointed that The Trevor Project has decided to pause our collaboration,” she said. “However, we are grateful for the opportunity we have had to learn and work with them and will continue with our mission of protecting all students regardless of how they identify.” 

Original report below:

Amid warnings from lawmakers and civil rights groups that digital surveillance tools could discriminate against at-risk students, a leading nonprofit devoted to the mental well-being of LGBTQ youth has formed a financial partnership with a tech company that subjects them to persistent online monitoring. 

, The Trevor Project, a high-profile nonprofit focused on suicide prevention among LGBTQ youth, began to list Gaggle as on its website, disclosing that the controversial surveillance company had given them between $25,000 and $50,000 in support. Meanwhile Gaggle, which uses artificial intelligence and human content moderators to sift through billions of student chat messages and homework assignments each year in search of students who may harm themselves or others, noting the two were collaborating to “improve mental health outcomes for LGBTQ young people.” 

Though the precise contours of the partnership remain unclear, a Trevor Project spokesperson said it aims to have a positive influence on the way Gaggle navigates privacy concerns involving LGBTQ youth while a Gaggle representative said the company sees the relationship as a learning opportunity.

Both groups maintain that the partnership was forged in the interests of LGBTQ students, but student privacy advocates argue the relationship could undermine The Trevor Project’s work while allowing Gaggle to use the donation to counter criticism about its potential harms to LGBTQ students. The collaboration comes at a particularly perilous time for many students as a rash of states implement new anti-LGBTQ laws that could erode their privacy and expose them to legal jeopardy. 

Teeth Logsdon-Wallace, a 14-year-old student from Minneapolis with first-hand experience of Gaggle’s surveillance dragnet, said the deal could eliminate any motivation for Gaggle to change its business practices. 

“It really does feel like a ‘We paid you, now say we’re fine,’ kind of thing,” said Logsdon-Wallace, who is transgender. Without any real incentives to implement reforms, he said that Gaggle’s “seal of approval” from The Trevor Project could offer the privately held company reputational cover amid growing concerns that such surveillance tech is disproportionately harmful to LGBTQ youth. 

“People who want to defend Gaggle can just point to their little Trevor Project thing and say, ‘See, they have the support of “The Gays” so it’s fine actually,’ and all it does is make it easier to deflect and defend actual issues with Gaggle.” 

Following an investigation by ĂÛÌÒÓ°ÊÓ into Gaggle’s monitoring practices, the company . Gaggle’s algorithm relies on keyword matching to compare students’ online communications against a dictionary of thousands of words the company believes could indicate potential trouble, including references to violence, drugs and sex. Among the keywords are “gay” and “lesbian,” verbiage the company maintains is necessary because LGBTQ youth are more likely than their straight and cisgender peers to consider suicide. 

But privacy and civil rights advocates have accused the company of discrimination by subjecting LGBTQ youth to heightened surveillance — a concern that has taken on new meaning this year as states like Florida adopt laws that ban classroom discussions about sexuality and LGBTQ youth to their parents.  

A by the nonprofit Center for Democracy and Technology found that while Gaggle and similar student monitoring tools are designed to keep students safe, teachers reported that they were more often used to discipline them. LGBTQ youth were disproportionately affected. 

In a statement, a Trevor Project spokesperson said it’s important that digital monitoring tools keep students safe without invading their privacy and that the collaboration was built on Gaggle’s “desire to identify and address privacy and safety concerns that their product could cause for LGBTQ students.” 

“It’s true that LGBTQ youth are among the most vulnerable to the misuse of this kind of safety monitoring — many worry that these tools could out them to teachers or parents against their will,” the statement continued. “It is because of that very real concern that we have worked in a limited capacity with digital safety companies — to play an educational role and have a seat at the table so they can consider these potential risks while they design their products and develop policies.” 

But it remains unclear what policy changes have occurred at Gaggle as a result of the deal. Without offering any specifics, Gaggle spokesperson Paget Hetherington said in a statement the company is “honored to be able to align with The Trevor Project to better serve LGBTQ youth,” and that the company is “always looking for ways to learn and to improve upon what we do to better support students and keep them safe.” 

‘Faceless bureaucracy’ 

At its core, the partnership between Gaggle and The Trevor Project makes sense because both work to prevent youth suicides, said Amelia Vance, the founder and president of . But their approaches to solving the problem, she said, are fundamentally different. 

By combing through digital materials on students’ school-issued Microsoft and Google accounts, Gaggle seeks to alert educators — and in some cases the police — of students’ online behaviors that suggest they might harm themselves or others.

“It really is about collecting details that kids may not be voluntarily sharing — information that they may be looking up to learn, to explore their identities, to otherwise help them in their day-to-day lives,” Vance said. At The Trevor Project, “you have proactive outreach from youth who know that they need help or they need a community.” 

The West Hollywood-based Trevor Project, which and funding from including Macy’s and AT&T, was founded in 1998 and in contributions in 2020. Gaggle, founded in 1999, does not publicly report its finances. The Dallas-based company says it monitors the digital communications of more than 5 million students across more than 1,500 school districts nationally. 

The Trevor Project to train volunteer crisis counselors and assess the risk levels of people who reach out to for help. If counselors with The Trevor Project believe a student is at imminent suicide risk, to call the police. But it’s ultimately up to youth to decide which information they share with adults. 

It’s important for LGBTQ students to have trusting adults with whom they can confide their experiences, Vance said, rather than a system where “some faceless bureaucracy is finding out and informing your parents” about information they intended to keep private. 

A by The Trevor Project offers troubling data about the realities of the youth suicide crisis. Nearly half of LGBTQ youth said they seriously considered attempting suicide in the past year and 14% said they made a suicide attempt. 

This isn’t the first time The Trevor Project has faced scrutiny in recent months for its ties to companies that could have detrimental effects on LGBTQ youth. In July, a HuffPost investigation revealed that CEO and Executive Director Amit Paley previously and helped create a strategic plan to boost opioid sales amid an addiction epidemic — one that’s in suicide attempts among LGBTQ youth. 

The group knows firsthand how data can be weaponized. Just last month, that target the transgender community launched a campaign to clog up The Trevor Project’s suicide prevention hotline. 

Persistent student surveillance could exacerbate the challenges that LGBTQ youth face by subjecting them to disproportionate discipline and erroneously flagging their online communications as threats, Democratic Sens. Elizabeth Warren and Ed Markey warned in an April report. 

Nearly a third of LGBTQ students say they or someone they know has experienced the nonconsensual disclosure of their sexual orientation or gender identity — typically called “outing” — due to student activity monitoring, by the nonprofit Center for Democracy and Technology. They were also more likely than their straight and cisgender peers to report getting into trouble at school and being contacted by the police about having committed a crime. 

In response to the survey results, a coalition of civil rights groups called on the U.S. Education Department to condemn the use of activity monitoring tools that violate students’ civil liberties and to state its intent “to take enforcement action against violations that result in discrimination.” The letter argues that using the tools to out LGBTQ students or to subject them to disproportionate discipline and criminal investigations could violate Title IX, the federal law prohibiting sex-based discrimination in schools. 

Among the letter signatories is the nonprofit LGBT Tech, which about the harms of digital surveillance on LGBTQ people. Christopher Wood, the group’s co-founder and executive director, said The Trevor Project’s partnership with Gaggle could be positive if it’s used to ensure that LGBTQ youth who are struggling have access to help. But once Gaggle gives student information to school administrators, the company can no longer control how those records are used, he said. 

“If that information is provided to someone who is not accepting, who has very different views and who willfully brings their political, personal or religious views into the school system, and they are not supportive of LGBTQ youth, then what they’ve done is harm the student,” Wood said. 

Yet as schools increasingly turned to student activity monitoring software during the pandemic, The Trevor Project portrayed their growth as an inevitable result of districts seeking “to avoid liability issues.”  

“It is our stance that since these tools are not going anywhere, we think it’s important to do our part to offer our expertise around LGBTQ experiences,” the spokesperson said. 

The power of trust

In interviews, students flagged by Gaggle said their trust in adults suffered as a result. Among them is Logsdon-Wallace, the 14-year-old transgender student. Before the Minneapolis school district stopped using Gaggle this summer and state lawmakers put strict limits on digital surveillance in schools, the tool alerted district security when he used a classroom assignment to reflect on a previous suicide attempt and how music therapy helped him cope. That same assignment, which included references to his gender identity, was flagged to his parents. 

And while his parents are affirming, he has friends who live in less supportive environments.                                                                                                       

“I have friends who are queer and/or trans who are out at school but not to their parents,” he said. “If they want to be open with teachers, Gaggle can create a bad or even dangerous situation for these kids if their parents were contacted about what they were saying.” 

In The Trevor Project’s recent survey, nearly three-quarters of LGBTQ youth reported that they have endured discrimination based on their sexual orientation or gender identity, just 37% said their homes are affirming and 55% said the same about their schools. 

Given that reality, reported sharing information about their sexual orientation with teachers or guidance counselors. 

While Gaggle has maintained that keywords like “gay” and “lesbian” can also prevent bullying, Logsdon-Wallace said their approach is out of touch with how students generally interact. At school, he said he’s been called just about every “slur for a queer or a trans person that isn’t from like 80 years ago.” While slurs are common, terms like “lesbian” are not.

“As an actual teenager going to an actual public school, those words are not being used to bully people,” he said. “They’re just not.”

The proposal’s defeat by a 12-point margin is likely to carry national implications for the debate over policing and racial justice, including in schools. After a Minneapolis cop killed Floyd in 2020, the city school district ended its longstanding contract with the police department and replaced campus officers with non-sworn “public safety support specialists.” Dozens of school districts nationally took similar action in the aftermath of nationwide protests. Yet, in a whiplash move as students resumed in-person learning, education leaders in and have since voted to bring back the police.

Minneapolis Question 2 — voted down by 56 percent of those who turned out in an — would have amended the city charter to replace the police department with a Department of Public Safety focused on a “comprehensive public health approach,” including an emphasis on mental health — reforms that shared similarities with efforts in the city’s schools. The ballot measure would have removed from the city charter a minimum required number of police officers and the new agency “could include” cops “if necessary.” How the new department would have looked in practice, and the number of police officers it would employ, remained uncertain as voters headed to the polls.

Local parent advocate Khulia Pringle has long fought to remove police from schools but opposed the ballot question, which she noted was divisive among the city’s Black community. A found that white voters were more likely than Black residents to support the ballot question.

Floyd’s murder made police reform politically safe, Pringle said, but reform efforts were led primarily by white progressives who didn’t seek sufficient input from the African-American community before saying, “Hey, we’ve got this great plan for Black folks.”

“A lot of Black folks are pretty woke to when the wool is being pulled over their eyes,” said Pringle, the Minnesota-based representative of the National Parents Union. “They got caught up in the moment and threw something out there that had no plan, no nothing. It was inevitable to fail from the beginning.”

About 44 percent of Minneapolis voters sought to replace its police department, an unprecedented shift that highlights in recent years in support of criminal justice reforms. , Yes 4 Minneapolis communications director JaNaĂ© Bates said her group, which campaigned to get the question on the ballot, has no plans of giving up. 

“We took a lesson today that we need to knock even more doors, that we need to talk to even more neighbors, that we need to bust through the disinformation campaign and the big money that says ‘No’ when we say ‘Yes,’” Bates said.

More measured police reform efforts found success elsewhere during an election cycle generally seen as a win for conservative causes. Voters in Cleveland, Ohio, for example, that gives citizens greater oversight over police misconduct. In Austin, Texas, a proposal to bolster the city’s police force. 

Had Minneapolis residents voted to terminate the police department, the school board may have been more likely to form an alliance with the new public safety agency, Pringle said. But without substantive reforms, board members are not expected to resume the police department contract anytime soon, she said. 

“If it’s the same agency and there’s been no major overhaul,” she said. “I don’t think that Minneapolis Public Schools is going to go back.”

In a recent interview, former Minneapolis school resource officer Charles Adams III said he opposed the ballot question because the city lacked a firm plan for the future. Adams, who left the police department last year after the school district ended its policing contact, was among former school-based officers included in a recent investigation by ĂÛÌÒÓ°ÊÓ exposing how many had faced disciplinary actions and allegations of civil rights violations, including police brutality, racial discrimination and domestic violence.

As Minnesota residents reckon with this year, the public safety support specialists who replaced school resource officers are “stretched thin,” said Adams, who remains the football coach at North High School. The school board took a “social political stand” when it ended its policing contract but “jeopardized the safety and the lives of kids in North Minneapolis,” Adams told ĂÛÌÒÓ°ÊÓ. 

“Black lives matter 100 percent,” said Adams, who is Black. “But right now what we’re doing, the crime is destroying our community.”

The Minneapolis school district didn’t respond to a request for comment. Minneapolis Police Department spokesman Garrett Parten said his agency would support future efforts to resume the $1.1 million-a-year school resource officers program. 

The police department “would eagerly continue the program should the opportunity be granted and the resources be available,” Parten said in an email, adding that the former contract offered “a vibrant, vital program that embodied the essence of community-based policing.” 

As a talent show came to a close in the winter of 2007, hundreds of children and parents poured out of a Minneapolis high school only to be met by the piercing blast of gunfire. 

North High School students and their parents rushed back inside and police raced to investigate the commotion. But the guns and bullet shells were nowhere to be found. A campus security guard who helped in the search, they’d soon learn, had already stashed them in his pockets and, later, his wife’s purse. 

Get stories like this delivered straight to your inbox. Sign up for ĂÛÌÒÓ°ÊÓ Newsletter

The weapons turned up that evening outside a gas station a few blocks from the school where the security guard, Kelly Woods, got into a heated altercation with his ex-girlfriend. Police, who observed witnesses screaming “They’ve got a gun,” arrested Woods at gunpoint.

For Woods, the arrest added to a lengthy criminal record, including drug trafficking, auto theft, armed robbery and a federal firearms conviction, which didn’t stop him from becoming a security guard in charge of protecting students. For police officer Charles Adams III, the security guard’s colleague at North High, the ordeal became part of his internal disciplinary record. When officials pursued fresh criminal charges against Woods, Adams pressed them to “go easy” on a man he described as a “good guy,” according to police records obtained by ĂÛÌÒÓ°ÊÓ. The move infuriated the lead prosecutor on the case. Assistant County Attorney Diane Krenz said it was the first time in her decades-long career an officer had pressured her to go lenient on a suspect, according to the records. The last thing the community needed, she said, were “more guns on the North Side.” 

The incident linked to Adams — the and now-former cop — is included among dozens of allegations and disciplinary findings against campus police officers recently stationed inside Minneapolis public schools that include claims of police brutality, racial discrimination and domestic violence. 

In one incident, officers were accused of beating and arresting a man for carrying a handgun despite having a concealed carry permit. In another, police were accused of pounding in a man’s face because he littered the crust from a slice of pizza. Both incidents ended with court settlements, against Minneapolis officers that has cost taxpayers millions of dollars. The city after a man said at least six officers punched, kicked and tasered him during a traffic stop. One of the accused officers became a school-based cop, a position he held until last year.

After George Floyd was murdered in 2020 at the hands of a Minneapolis officer, the city school board was quick to end its longstanding contract with the police department for campus cops, a move that some critics said was politically motivated. Floyd’s death put a national spotlight on police brutality and excessive force. ĂÛÌÒÓ°ÊÓ obtained public officer misconduct records and court files to explore whether similar interactions between police and students had transpired in Minneapolis classrooms — and if such incidents may have contributed to the school board’s decision to cut ties with the department. Ultimately, few of the records involved on-campus incidents or youth, but the lengthy list of allegations and disciplinary findings — many alleging violence on the part of police — raised separate questions about how the officers wound up inside schools in the first place. They also offer new context for an ongoing national debate about the role police should play in schools and whether they’re best equipped to ensure students are safe. 

Ben Fisher, an assistant criminal justice professor at Florida State University whose research focuses on the efficacy of school-based police, said the Minneapolis officers’ disciplinary and court records “seemed quite problematic.”

“Schools contain some of our most vulnerable people in society,” Fisher said. “If we are putting officers in there who have abused their power in some way outside of the school, it’s a very scary proposition to imagine that track record following them into schools.”

Minneapolis Police Department spokesman Garrett Parten said officers’ disciplinary records were considered before they were stationed inside schools, but he declined to comment on specific allegations or findings against officers. School resource officers took the job to build trust between youth and police, serve as positive role models and ensure children could learn in a safe environment, he said in an email. Effects of the school board’s decision to end the school resource officer program, he said, “will become evident over time.”

Dozens of school districts across the country severed their ties with police after Floyd’s murder, but broader police reform efforts have so far faltered. In Washington, legislation that sought to improve transparency around officer misconduct and make it easier to prosecute bad cops, among other changes, failed as bipartisan negotiations broke down. 

Locally, Minneapolis voters will consider a ballot question next week that could remove from the city charter a police department that’s long been . As the school district navigates its first year without a full-time police presence in classrooms, the ballot measure would create instead a city Department of Public Safety that would use a “comprehensive public health approach” and employ police officers only “if necessary.”

National industry recommend collaboration between police and education leaders when stationing officers inside schools, but researchers who study the efficacy of school resource officers said that little evidence exists about how such selection processes actually work. Anecdotally, the job is highly regarded in some districts and officers compete for the position, Fisher said. In other places, being stationed in schools is “a punishment where police are put there if they can’t cut it on the streets.”

‘Completely out of control’

ĂÛÌÒÓ°ÊÓ obtained Minneapolis Police Department misconduct records for the 24 officers assigned to public schools for the five years prior to Floyd’s murder. Of those, 21 officers faced 105 internal complaints, 11 of which resulted in discipline of varying severity. Those records span the duration of officers’ employment with the department. Separately, the officers stationed in schools were named in federal lawsuits on at least two dozen occasions, according to an analysis of court records. 

The police disciplinary issues range in seriousness. One officer who worked in the schools was cited in 2019 for unintentionally firing his service rifle while responding to a call about a man with a gun, and another was given a letter of reprimand after getting arrested for driving under the influence of alcohol. In two of the 11 cases which resulted in official department action, officers were disciplined for using excessive force. 

About half of the Minneapolis officers who were sued or disciplined remain on the force, according to a department spokesperson. 

Among them is Mukhtar Abdulkadir, who has faced 11 internal complaints — two that resulted in discipline — and two federal lawsuits. He reported to work as a school resource officer as recently as 2017, district records show. Records suggest the officer has a tendency to respond violently when under stress. 

In 2010, a young Ethiopian immigrant accused Abdulkadir of choking and punching him and calling him a racial slur after he was pulled over and cited for riding a bike at night without a light, a citation the man called “stupid.” A federal lawsuit following the incident . Abdulkadir and his attorneys couldn’t be reached for comment. 

In 2011, Abdulkadir was arrested on assault and terroristic threat charges after his then-wife accused him of punching her in the ribs, smothering her face with a pillow and hitting her in the face with the butt of his service pistol. Abdulkadir was but was rehired with back pay after his former wife retracted her allegations. Yet according to his disciplinary file, internal investigators believed her decision to recant was obvious: “Only if he is reinstated will she obtain child support when they divorce.” Additionally, internal records note that domestic abuse victims often “take the blame” because their abusers maintain control over them. 

Abdulkadir was also accused of repeatedly punching a man outside a car wash in 2013. The man honked at the officer because he was next in line at the automatic car wash but hadn’t moved forward, according to a complaint in a federal lawsuit. In response, Abdulkadir was accused of punching the man repeatedly before charging him with disorderly conduct, according to the lawsuit that also . 

Then, in 2014, Abdulkadir was reprimanded for becoming irate after he failed firearms training. Officers who witnessed the outburst reported feeling afraid because he “was completely out of control” and had easy access to a gun. 

“That night I truly believed that at any time he could grab his weapon, load it and use it against officers,” a police sergeant told internal investigators. In a less controlled environment, the sergeant said he could see a situation where Abdulkadir would “completely lose control of everything and harm himself, other officers or the public.” 

District records show Abdulkadir was assigned to Minneapolis campuses a year later, including Andersen United Middle School and Seward Montessori School. 

When officers protect their own

The disciplinary findings against Adams put the storied coach and second-generation Minneapolis cop on defense, a position he isn’t used to playing. After the school board voted to break with the police department, some students at North High School, the predominantly Black school where Adams worked as a school resource officer, So did the school’s principal. 

On after reinvigorated the Black Lives Matter movement, The New York Times examined how his roles as a football coach and a Black police officer placed him on both ends of the debate on policing in America. As Adams , “I wear blue, but I’m Black.”

The records suggest that Adams, who left the police department last year and is now head of team security for the Minnesota Twins, was willing to go to great lengths for a colleague accused of a serious crime, a reality he acknowledged in an interview with ĂÛÌÒÓ°ÊÓ. Woods, the North High School security guard, and his attorney couldn’t be reached for comment. 

“I stood up for him as a character,” Adams said. “I never said that it was OK for what he did.”

North High School Principal Mauri Friestleben, who has been outspoken against the school board’s decision to cut ties with the police, similarly stood behind Adams. With officers in schools, she said she witnessed a “healthy discourse about what real protecting and serving looked like,” including situations where campus cops helped students avoid arrests. “I have no reservations about my public support” of Adams, she wrote in an email, and called the officer “a protector” who came to the job “with multiple dimensions and this may be just one of them.” 

Adams sought to downplay his own disciplinary record, arguing that police leaders and prosecutors overreacted to his intervening in Woods’s criminal case. Prior to becoming a school security guard, Woods was convicted of armed robbery in 1992 and became ineligible to possess a firearm. Six years later, police arrested Woods with a gun outside a Minneapolis Greyhound bus station. Woods, who is Black, unsuccessfully accused the officers of racial discrimination when they stopped him while investigating drug and gun trafficking, according to court records. 

Adams said that Woods was a positive force in the community and shouldn’t be defined by the years he spent in prison. After the shooting outside North High, Woods wasn’t trying to keep the guns for himself, Adams maintained. Instead, Woods knew the students involved in the shooting and didn’t want them to get arrested. Woods recognized them as gang members, according to court documents.

“I took it as him looking out for those two kids,” said Adams, who added that he didn’t observe the shooting himself. “He took [the guns] from them and said ‘Get out of here,’ one of those types of deals because that’s just the type of person that he is.” 

Adams scoffed at the suggestion from Krenz, the prosecutor, that his defense of Woods conflicted with his role in keeping the community safe. Krenz declined to comment for this article. Adams said she wouldn’t know where North High was if it “smacked her in her face.” 

“I don’t want to hear that,” Adams said. “I hear so many people talk about what should be good for our community. They have never stepped one foot inside of it.” 

‘Good ol’ boy network’

Internal police records obtained by ĂÛÌÒÓ°ÊÓ likely offer a significant undercount of officer misconduct. Just 2.7 percent of complaints resulted in discipline between 2013 and 2019, according to a nonprofit news outlet. After lengthy investigations, disciplined officers often received letters of reprimand or brief suspensions. 

A pattern of officers protecting their peers allowed abuses to remain under the radar until it went to court, the investigation found. Three years before he murdered Floyd, for example, Derek Chauvin and pinned him to the ground for 17 minutes. The incident, which could be seen as a precursor to Chauvin kneeling on Floyd’s neck, from his public records. 

ĂÛÌÒÓ°ÊÓ sought comments from Minneapolis officers previously stationed inside schools, school board members, the city and state police unions, an attorney who represents many officers in misconduct litigation, the city and the county attorney’s office. Each declined to comment or didn’t respond to interview requests. 

Among the lawsuits against officers placed in schools, civil rights attorney Zorislav Leyderman represented the plaintiffs in six. Police misconduct incidents that occur outside schools, he said, should influence whether those involved are assigned as school resource officers. Leyderman cited the allegations as contributing to a larger culture in the city where many Minneapolis residents fear the police. 

“They don’t want to interact with law enforcement because they’re worried that if they do, they’re going to get injured,” he said. The allegations against the officers stationed in schools “should have been looked into, both the lawsuits and these internal complaints.” 

Oftentimes, he said police misconduct remains outside the public eye because officers are “coached” following incidents, a practice the department has maintained isn’t a form of official discipline. The department was sued and , including in cases of serious wrongdoing. In , investigators found that Minneapolis police used coaching to resolve more than a quarter of complaints over a six-year period.

Local parent advocate Khulia Pringle, who helped the school district hire security staff to replace sworn police last year, said that officers’ disciplinary records should be a major factor when placing them inside schools. However, that history only reinforced her belief that police have no place walking hallways. 

“In any other situation, when we need the cops, we call them,” said Pringle, a Minnesota-based representative of the . If they’re going to be there, there “should have been more protocols in place as to which officers are in schools,” she said. 

Adams said he was surprised to see the allegations against other police officers who worked in the schools, and although negative interactions between cops and youth have occurred, he couldn’t recall any recent instances that could’ve motivated the school board’s decision to end its police contract. Yet Adams, who said he can “speak freely” now because he’s no longer a cop, portrayed his former department as one where officer misconduct is routine. 

“It’s the good ol’ boy network,” he said. “You’ve got guys who are in the police department that treat people wrong on purpose and you can see it.” 

‘Part of the game’

As communities across the country grapple with the role police play in schools, new research serves to highlight the issue’s complexities. On one hand, the officers reduce some forms of violent crimes like fights, according to the research. At the same time, their presence prompts a dramatic uptick in suspensions and arrests — especially for students who are Black. Little academic research explores the types of officers who are more effective than others in schools.

But being named in a federal lawsuit shouldn’t be automatically disqualifying, said school safety consultant Kenneth Trump, president of National School Safety and Security Services in Cleveland. Filing civil rights lawsuits against an arresting officer is all “part of the game,” he said. Police misconduct suits often end in settlements, yet Trump said the final results should become part of the equation when making school resource officer assignments.

“If you’re a police officer and you’re doing your job on the streets, there’s a really good chance you’re going to get sued somewhere in your career,” said Trump, a proponent of school-based policing. “But there should be some sort of baseline criteria and screening set by your police administration before that pool of officers is ever presented at that next step to your school people.”

Parten, the Minneapolis police spokesman, said that all officers were eligible to apply for the school resource officer program and were interviewed by a panel of police department and school district officials. The police chief had the final say in hiring decisions. Parten said he collaborated with education officials when crafting a statement for this article, but Minneapolis school district spokeswoman Julie Schultz Brown didn’t respond to multiple requests for comment. 

“Candidates were presented with scenario-based questions designed to evaluate critical thinking skills necessary for a school setting and further examined each individual’s understanding of the challenges and rewards associated with the position,” he said. 

Policing in Minneapolis remains contentious in the larger community, and voters will soon decide whether to go in a completely new direction. Ahead of next week’s election, suggests the question of whether to dismantle the traditional police department will be close. Black voters were less likely than white voters to support the idea. 

A similar course change — to remove cops from Minneapolis schools and replace them with district security staff — was ultimately detrimental, Adams maintains. “Crime is outrageous” at North High School, he said, and the security team hired to replace sworn officers is “stretched thin.” 

And even though he defended a security guard who he said sought to keep kids out of the criminal justice system, the former cop said stationing police in schools was an effective strategy to catch suspected criminals.

“A lot of kids would obviously show up to school and investigators and a lot of police knew the kid would be there,” Adams said. “That was a good way to get bad guys.” 

Lead Image: Former police officer Charles Adams III’s actions to intervene on behalf of a school security guard arrested on gun charges are among dozens of disciplinary findings and misconduct allegations involving campus police officers recently stationed inside Minneapolis public schools. (Andrea Ellen Reed / The New York Times / Redux)