Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label K-12 Schools. Show all posts
United States
Data Breach Data Privacy K-12 Schools PowerSchool United States

PowerSchool Breach Compromises Student and Teacher Data From K–12 Districts

 

PowerSchool, a widely used software serving thousands of K–12 schools in the United States, has suffered a major cybersecurity breach.

The Breach has left several schools worried about the potential exposure of critical student and faculty data. With over 45 million users relying on the platform, the breach raises serious concerns about data security in the United States' educational system. 

PowerSchool is a cloud-based software platform used by several schools to manage student information, grades, attendance, and contact with parents. The breach reportedly occurred through one of its customer support portals, when fraudsters gained unauthorised access using compromised credentials. 

Magnitude of the data breach

According to PowerSchool, the leaked data consists mainly of contact details such as names and addresses. However, certain school districts' databases might have included more sensitive data, such as Social Security numbers, medical information, and other personally identifiable information.

The company has informed users that the breach did not impact any other PowerSchool products, although the exact scope of the exposure is still being assessed. 

"We have taken all appropriate steps to prevent the data involved from further unauthorised access or misuse," PowerSchool said in response to the incident, as reported by Valley News Live. “We are equipped to conduct a thorough notification process to all impacted individuals.”

Additionally, the firm has promised to keep helping law enforcement in their efforts to determine how the breach occurred and who might be accountable.

Ongoing investigation and response 

Cybersecurity experts have already begun to investigate the hack, and both PowerSchool and local authorities are attempting to determine the exact scope of the incident. 

As the investigation continues, many people are pushing for stronger security measures to protect sensitive data in the educational sector, especially as more institutions rely on cloud-based systems for day-to-day activities. 

According to Valley News Live, PowerSchool has expressed their commitment to resolving the situation, saying, "We are deeply concerned by this incident and are doing everything we can to support the affected districts and families.”
Read more »
Tucson Unified
Cyber Security data security education technology K-12 Schools K12 SIX Nantucket Public Schools Ransomware school closures Student Data Tucson Unified

Rising Cybersecurity Threats: Ransomware Attacks Disrupt Tucson and Nantucket Schools

 

The Tucson Unified School District in Arizona and Nantucket Public Schools in Massachusetts, despite stark contrasts in size and location, both experienced ransomware attacks in early 2023. Tucson, serving around 42,000 students, operates within a major city, while Nantucket's district, with fewer than 2,000 students, is situated on a small island. 

On January 30 and 31, both districts were struck by cybercriminals using ransomware—a form of malware that locks access to critical systems until a ransom is paid. These attacks forced Nantucket schools to close and compromised sensitive data in Tucson.

According to K12 SIX, a nonprofit dedicated to cybersecurity in schools, ransomware incidents within K-12 education have surged in recent years, with around 325 attacks reported between April 2016 and November 2022. In the past year alone, nearly 85 additional incidents have targeted school networks. Data reveals that some districts have even faced ransomware multiple times within this period.

Roberto Rodriguez from the U.S. Department of Education estimates that five cybersecurity incidents hit K-12 schools every week, causing legal, financial, and operational disruptions, as well as emotional impacts on school communities. Experts also note that attacks often involve international criminals, raising national security concerns.

Amy McLaughlin of the Consortium for School Networking (CoSN) explains that K-12 schools are vulnerable because of inadequate cybersecurity resources despite holding extensive digital information, including personal and financial data. She emphasizes that these incidents are not just attacks on individual schools but on the fundamental concept of free public education in the United States.

New extortion tactics, such as dual or triple extortion, compound the issue. Here, criminals not only encrypt data but also threaten to release sensitive information publicly. This heightens risks for identity theft and other types of fraud affecting students, staff, and their families.

These escalating cyber threats have underscored the need for stronger cybersecurity protocols within K-12 education. Doug Levin of K12 SIX notes that the lack of preventive measures, like multifactor authentication, has left schools more exposed to cybercriminals, who primarily target schools for financial gain.
Read more »
School system cyberattack
Cyber Attacks K-12 Schools NCCU School School & University Targets School system cyberattack

Several K-12 Schools and Colleges Suffers Outage Due to Cyberattack


A number of K-12 schools, colleges and universities are experiencing severe technology failures this week owing to cyberattacks. 

According to a spokesperson for North Carolina Central University, the school had received a warning of the attack on its systems on November 12. 

“Certain systems, including the campus Wi-Fi network and [school portal] MyEOL began to experience some disruptions to normal operations. Other critical systems continue to be operational. Following the initial stages of the investigation into this alert, we can confirm that NCCU has experienced a cyberintrusion,” stated a notice sent out to faculty and staff.

“Certain services have been taken offline to contain the intrusion. Key partners at the UNC System Office, North Carolina Department of Information Technology, Joint Communications Task Force, FBI, U.S. Secret Service and other partners have been activated to investigate and respond,” it read. 

Located in Durham, the university is a historically black institution with around 10,000 undergraduate and graduate students.

On being asked by Recorded Future News whether the school’s systems are suffering a ransomware attack, the spokesperson did not comment, however, said that in an effort to contain the situation, their IT team will “temporarily shut down all critical systems requiring logins with NCCU credentials,” including access to Canvas, Outlook 365, the Wi-Fi network and campus portal.

Moreover, all online courses will be discontinued until further notice, while in-person sessions will still be offered.

NCCU Cyberattacks

In the latest string of attacks, hackers have targeted numerous HBCUs and colleges with sizable minority enrollments, with NCCU being the most recent on the list. Due to long-standing funding imbalances that make it difficult to afford the kind of network security required to protect student and faculty information, universities including Florida International University, Xavier University of Louisiana, Tennessee State University, Southeastern Louisiana University, Howard University, and more have been targeted. 

In recent weeks, a number of other institutions and universities have alerted the public of cyberattacks. More than 25,000 students attend Glendale Community College, and the college revealed this week that ransomware had infected its campuses.

The cyberattacks have coerced the school into taking down its online systems, removing student access to the campus WiFi, the online class schedule, and several systems for school employees. Also, financial aid processes, like the disbursement of funds to students' accounts, have been disrupted.

According to the school newspaper, the hack began on November 10, with recovery still in progress. To date, no hacking group has taken responsibility for the attack.  

Read more »
Subscribe to: Posts (Atom)