Jonathan Grieg reports: Cyberattacks on K-12 schools across the U.S. continued this week with both the Fort Sumner Municipal Schools in New Mexico and Washington Local Schools in Ohio suffering from incidents. The Cl0p ransomware group’s leak site this week displayed sensitive information from students, faculty members and parents from Fort Sumner Municipal Schools....
Nader Issa and Lauren FitzPatrick report: A massive data breach has exposed four years’ worth of records of almost 500,000 Chicago Public Schools students and nearly 60,000 employees, district officials told principals Friday. The attack targeted a company that has a no-bid contract with the district for teacher evaluations and involved basic student and...
Michael Elsen-Rooney reports: The New York City Education Department is planning to roll out its own online grading and attendance system to replace a widely-used platform that was hacked earlier this year, exposing the personal information of nearly one million students. The new system, developed by the agency’s IT team, will launch in beta...
WTVG reports Washington Local School District in Toledo, Ohio has been hit by a cyberattack that has disrupted much of its communication avenues including phones, internet, email, wifi networks, and Google classroom. Read more at WTVG, although they are only in beginning stages of investigating and responding to the incident.
You may need to add Mercyhurst University in Pennsylvania to any list of post-secondary educational entities hit by ransomware. SuspectFile notes that the university has not confirmed any breach and LockBit has not posted any proof (yet?). But SuspectFile notes the irony that one month after one of the university’s four colleges participated in...
Shaker Heights City School District in Ohio has notified the Maine Attorney General’s Office and the Montana Attorney General’s Office of a data security incident. The incident was discovered on January 30, 2022, but the investigation revealed that it had begun as early as September 1, 2021. Data were exfiltrated as part of the...
On May 12, 2022, Vicksburg-Warren School District in Mississippi issued a breach notification. Its explanation begins, “On or around May 28, 2021, VWSD detected unusual activity within its digital environment.” Investigation revealed that files with personal information “may have been accessed or acquired.” The “may have been” seems a bit vague given that threat actors...
Patrick Penner reports: The Mission School District has suffered an IT breach and phishing emails are being sent out from teachers’ email accounts. Do not open them. The Record received two of these emails from seperate (sic) teachers today, which contain little information besides a greeting and FYI (for your information), directing the recipient...
Emily Bamforth reported this on April 21 on EdScoop. Somehow I missed it, but it’s so important that I am adding it now: As Illinois’ Lincoln College approached its two-week winter hiatus last December, workers walked in one weekend to find printers spewing threatening notes saying the school’s data was locked up and could...
Insufficient Data Security and Disregard for Student Data Privacy Plague the DeKalb County School District; With Commentary by Jim Siegl