Data breach and data leak news from educational facilities.
Security Week reports that Instructure is the latest edtech firm to fall prey to hackers. Based in Salt Lake City, Utah, the edtech firm is best known for Canvas, one of the most widely used learning platforms across educational institutions and other organizations. Disclosed on April 30, the cyberattack was blamed for “disruption to tools […]
DEFCROS News reports: Senators Maggie Hassan and Jim Banks are pressing for answers from Navigate360 following a cyberattack that reportedly compromised sensitive student data from school safety tip lines. The incident has raised significant concerns about the security of information intended to protect students and the integrity of the systems designed to facilitate anonymous reporting. […]
Will P3 wind up on a vendors not to be trusted list? DataBreaches.net reports: P3 Global Intel advertises itself as a “fully integrated and state-of-the-art tip acquisition and tip management solution that has quickly become the leading choice of Crime Stoppers Programs, Law Enforcement Agencies, Campus Safety Programs, and Federal Agency Initiatives.” 35,000 U.S. schools use P3 Campus, which […]
The Minnesota Department of Human Services’ vendor breach was not the only recent breach disclosed that affected more than 300,000 people. Monroe University in New York also disclosed a breach involving a lot of sensitive information. From their January 13 notification letter: We are posting this notice to inform our community of a data security […]
TORONTO, ON (November 18, 2025) — Ontario and Alberta information and privacy commissioners have released the findings of their investigations into a massive privacy breach involving PowerSchool education technology (edtech) used by schools in their respective provinces. The incident, which affected millions of Canadians across the country, highlights the importance for educational bodies, including school boards, […]
In 2022, Illuminate Education, Inc. suffered a major data breach. Now three states have announced a settlement with the edtech vendor. From the California Attorney General Rob Bonta’s office:
Bleeping Computer reports: A hacker has taken responsibility for last week’s University of Pennsylvania “We got hacked” email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents. On Friday, University of Pennsylvania alumni and students began receiving multiple offensive emails from Penn.edu addresses claiming the university […]
Bleeping Computer reports: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. “Harvard is aware of reports that data associated with the University has been obtained […]
TechNadu reports: A vendor that serves the Los Angeles Unified School District, Kokomo24/7, has notified authorities about a network file exposure on its internal systems and data storage environment. Investigators determined that the suspicious activity discovered on December 11, 2024, allowed cybercriminals to access sensitive personal information. Since Kokomo24/7 is a vendor for the Los Angeles Unified […]
Watchdog warns of ‘insider threat’ of students launching cyberattacks on their schools
Public Technology reports: The UK’s data-protection watchdog has warned of a growing trend of cyberattacks on schools being perpetrated by pupils. The Information Commissioner’s Office recently analysed the details of 215 data breaches that took place across the education sector between January 2022 and August 2024 and were classified as “insider attacks”. Almost three in […]