The K-12 Cyber Incident Map
The K-12 Cyber Incident Map is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present.** ‘Cyber’ incidents include:
- phishing attacks resulting in the disclosure of personal data (blue pins);
- other unauthorized disclosures, breaches or hacks resulting in the disclosure of personal data (purple pins);
- ransomware attacks (yellow pins);
- denial-of-service attacks (green pins); and
- other cyber incidents resulting in school disruptions and unauthorized disclosures (red pins).
The K-12 Cyber Incident Map is interactive. In addition to being able to shrink or enlarge the map, clicking on a pin will provide a summary of information about each specific incident, including the year the incident became public, the school/district involved, the incident type, a brief description of the incident, and the source of the data about the incident. Questions? See the FAQ. For news and updates, follow @K12CyberMap.
The impact of these incidents can be significant, as select news reports reveal:
**Map last updated: April 27, 2017
The K-12 Cyber Incident Map: FAQ
What Does it Show?
For the period January 1, 2016 to April 27, 2017, U.S. K-12 public schools were reported to have experienced at least 122 separate cyber security-related incidents resulting in the disclosure of personal information, the loss of taxpayer dollars, and the loss of instructional time. Some of these incidents have resulted in identity theft, as well as criminal charges for the perpetrators.
Follow updates to the K-12 Cyber Incident Map on Twitter at: @K12CyberMap
Why Was it Created?
The K-12 Cyber Incident Map was created to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts. As public education increasingly relies on technology for teaching, learning, assessment and school operations, it is imperative that effective policy and practice is in place to protect children and youth, as well as taxpayer-funded equipment and services. It also is intended to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
For related writing and research about these issues, please see:
- Should We Be Sending Students Who Hack Their Schools to Jail?
- Introducing the K-12 Cyber Incident Map
- How Should We Address the Cybersecurity Threats Facing K-12 Schools?
- IRS Official to Schools: “One of the Most Dangerous Email Phishing Scams We’ve Seen”
- Three Questions for Every School District About Their Student Data Security Practices
- Are Schools Helpless, Hapless When it Comes to IT Privacy and Security?
Where Does the Data Come From?
This map and underlying dataset was painstakingly assembled from a variety of sources, including extensive online searches and consultation with experts. Publicly available compilations include:
- The Privacy Rights Clearinghouse maintains a database of public breaches that includes some information about school incidents.
- Databreaches.net offers a comprehensive history of education-related incidents.
- The Identity Theft Resource Center tracks U.S. data breaches, including those affecting schools.
Nonetheless, the dataset underlying this map is undeniably incomplete, perhaps by orders of magnitude, and may contain errors. Neither school districts nor their vendors are compelled to make public disclosures of every potentially significant incident (if required at all by state data breach notification laws), and media reports can be short and ambiguous.
How Can I Report an Incident? How Can I Contribute?
The K-12 Cyber Incident Map will be periodically updated as new information from reliable sources becomes available. If you would like to report an incident, correct an error, or are interested in contributing to this effort in another way, please email info[at]edtechstrategies.com or use another method to contact me directly with your query.