Josh Renaud reports: The Social Security numbers of school teachers, administrators and counselors across Missouri were vulnerable to public exposure due to flaws on a website maintained by the state’s Department of Elementary and Secondary Education. The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials…
Category: Education Sector
How I hacked ALL displays in my high school district to play Rick Astley
Minh Duong writes: On April 30th, 2021, I rickrolled my high school district. Not just my school but the entirety of Township High School District 214. It’s the second-largest high school district in Illinois, consisting of 6 different schools with over 11,000 enrolled students. This story isn’t one of those typical rickrolls where students sneak…
Data Hack Hits Alumni of Harvard-Westlake Private School
Gary Baum reports: Students’ confidential academic files were hacked and exposed at Los Angeles private school Harvard-Westlake. Archived SAT scores, GPAs, transcripts and college recommendation letters were downloaded, then sent to a group of parents and the school newspaper, as well as The Hollywood Reporter. The materials encompass approximately 150 alumni who graduated over the past…
K–12 Cybersecurity Act Signed into Law
David Nagel reports: On Friday, Oct. 8, President Biden signed the K–12 Cybersecurity Act of 2021 into law. The act comes in response to growing data security incidents impacting K–12 schools in recent years, including a dramatic rise in ransomware and other forms of malware. On its own, the legislation is fairly simple: It authorizes the director of…
Manhasset School District Victim of Ransomware?
Frank Rizzo reports: Manhasset School District Acting Superintendent of Schools Gaurav Passi, at the Oct. 7 board of education meeting, said that the district may have been the victim of ransomware. “At this time we can confirm that we have discovered ransomware in our system,” Passi said. “And that the malicious actor—or threat actor, as…
The Dallas Independent School District breach impacted almost 800,000, but details are still lacking
On September 3, this site reported on a breach involving Dallas ISD in Texas. As noted at the time, details were lacking. But now their external counsel has provided notification to the Maine Attorney General’s Office and so we now know more: The breach, which reportedly occurred on June 8, impacted 795,497 individuals. [Note that…