Public K-12 education agencies across the nation reported 348 cybersecurity incidents during 2019—nearly three times as many incidents as were publicly disclosed during 2018.
A report from the K-12 Cybersecurity Resource Center, The State of K-12 Cybersecurity: 2019 Year in Review, says many of these incidents caused significant problems. They resulted in the theft of millions of dollars, stolen identities, and the denial of access to school technology systems for weeks or longer.
Student and educator data breaches were the most commonly experienced type of incident in 2019. More than half of these were because of the actions of insiders to the school community, including edtech vendors and other third-party partners. The next most frequent type of cyber incident experienced by schools during 2019 was ransomware.
Data for the report comes from publicly disclosed incidents cataloged on the K-12 Cyber Incident Map. The map and underlying database capture detailed information about two inter-related issues:
- publicly disclosed cybersecurity incidents affecting public K-12 schools, districts, charter schools, and other public education agencies (such as regional and state education agencies) in the 50 states and Washington, D.C.
- the characteristics of public school districts (including charter schools) that have experienced one or more publicly disclosed cybersecurity incidents.
The 348 incidents in 2019 involved 336 education agencies across 44 states; 329 of those involved regular public school districts. Suburban districts were the more common target (44.31%), followed by rural (22.75%).
Schools from the Northeast were victimized most often (33.93%), followed by the Central region (27.08%), West (25%) and Southeast (13.99%).
Since 2016, the K-12 Cyber Incident Map has documented more than 775 publicly disclosed incidents affecting students and educators.
Although acknowledging that the odds of experiencing an incident appear to vary by school district characteristics, the report stresses that the resource center "has documented school districts of every size and type that have experienced data breaches, phishing attacks, and ransomware/malware outbreak."
"School district leaders would do well to understand that no school district is safe from a potential incident," the report recommends.
