@lavxnews It's time people stopped claiming that breaches that have occurred over and over again for years are a "wake up call" for anything. Every sector has had "wake up calls" galore, including the education sector. Nobody woke up. Nobody is still waking up. Instead of a headline calling a breach a "wake up call," maybe the headline should be "Yet another avoidable breach will lead to a major lawsuit."
Santa Fe ISD parents are concerned about data security after 'cyber event' disrupts campus network https://abc13.com/post/santa-fe-isd-working-fix-network-issues-cyber-event-disrupts-internet-phone-service-campus/16242442/ #edtech #edusec @PogoWasRight @brett @funnymonkey
Baltimore City Public Schools ramping up cybersecurity measures after data breach https://www.cbsnews.com/baltimore/news/baltimore-city-public-schools-cybersecurity-breach-maryland/ #edtech #edusec @PogoWasRight @brett @funnymonkey
Canada: FOI reveals ransom demand was made in school board cyber incident
https://www.villagereport.ca/village-picks/foi-reveals-ransom-demand-was-made-in-school-board-cyber-incident-10550646 #edtech #edusec @PogoWasRight @brett @funnymonkey
Rainbow District School Board still doesn't provide answers to reasonable questions about its cyberattack, claiming exemptions under relevant Ontatio municipal freedom of information law:
Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw
https://securityaffairs.com/88696/breaking-news/llucian-banner-web-flaw.html #edtech #edusec @PogoWasRight @boblord @brett @funnymonkey
Smiley calls for data sharing once Providence gets its schools back from state:
Direct link to Providence's plan: https://www.providenceri.gov/wp-content/uploads/2025/04/Providence-PPSD-Transition-Plan.pdf Pages 51-56 seem to be about data management.
Fall River schools chief: No insurance for cyberattack; says computer system remains down:
Could Trump Budget Cuts Lead to More Cyberattacks Against Schools? (tl;dr YES)
https://archive.ph/GaGhr #edtech #edusec @PogoWasRight @brett @funnymonkey
Sensitive data was leaked in 2024 Highline Public Schools ransomware attack https://www.seattletimes.com/education-lab/sensitive-data-was-leaked-in-2024-highline-public-schools-ransomware-attack/ #edtech #edusec @PogoWasRight @brett @funnymonkey
While many are focused on ransomware, BEC scammers have been going to town vs. US K-12: "More than $846K stolen from Florida school district in fraud scheme: CCSO" https://www.fox13news.com/news/more-than-846k-stolen-from-florida-school-district-fraud-scheme-ccso #edtech #edusec @PogoWasRight @brett @funnymonkey
Takeaways from our investigation on AI-powered school surveillance. The AP and Seattle Times teamed up on this investigation.
From their overview: "But these tools raise serious questions about privacy and security. In fact, when The Seattle Times and The Associated Press partnered to investigate school surveillance, reporters inadvertently received access to almost 3,500 sensitive, unredacted student documents through a records request. The documents were stored without a password or firewall, and anyone with the link could read them."
What do you think about this report out of Umatilla? Is this PowerSchool or something unrelated? If they just discovered a breach this week?
https://www.vpnranks.com/news/umatilla-schools-data-breach-exposes-student-records/
Here's another Canadian school that had decades of student data caught up in the PowerSchool breach:
Wellington Catholic District School Board:
https://www.wellingtonadvertiser.com/cybersecurity-breach-involves-29-years-of-catholic-school-board-data/
@douglevin @funnymonkey @brett
American School of Dubai mentioned as having been affected: https://www.dmnews.com/school-districts-worldwide-impacted-by-powerschool-breach/
I must have missed something. I thought PowrerSchool hit US and Canada. It also hit some Bermuda schools?
"Ms Richards said the company confirmed the breach included “data from some Bermuda public schools families and teachers”."
@douglevin @funnymonkey @mkeierleber
So I could be wrong, but I think the only way they may be able do that for minor kids who don't have a credit report already is to have Experian create a credit report for the minor which they then monitor.
So now your kid has a credit report, which they never should have had as a minor, and what happens after two years when Experian stops monitoring it?
Has anyone asked them about that?
Well, smart move by PowerSchool on this: "PowerSchool will be offering two years of complimentary identity protection services for all students and educators whose information was involved and will also be offering two years of complimentary credit monitoring services for all adult students and educators whose information was involved. We are doing this regardless of whether an individual’s Social Security Number was exfiltrated."
Dear Diary,
Another day has gone by and PowerSchool still doesn't have any dedicated webpage or website linked from their home page about the data breach. Where is all that helpful info they promised everyone?
I asked their PowerBot where their update page on the breach is. Here's PowerBot's response, below.
And no, there is nothing on the page PowerBot pointed to that has anything on the breach at all.
