The K-12 Cyber Incident Map
The K-12 Cyber Incident Map is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present.** ‘Cyber’ incidents include:
- phishing attacks resulting in the disclosure of personal data (blue pins);
- other unauthorized disclosures, breaches or hacks resulting in the disclosure of personal data (purple pins);
- ransomware attacks (yellow pins);
- denial-of-service attacks (green pins); and
- other cyber incidents resulting in school disruptions and unauthorized disclosures (red pins).
The K-12 Cyber Incident Map is interactive. In addition to being able to shrink or enlarge the map, clicking on a pin will provide a summary of information about each specific incident, including the year the incident became public, the school/district involved, the incident type, a brief description of the incident, and the source of the data about the incident.
A current list of schools and districts that have experienced more than one cyber incident since 2016 can be found here.
The impact of these incidents can be significant, as select news reports reveal:
**Map last updated: August 17, 2017
The K-12 Cyber Incident Map: FAQ
What Does it Show?
For the period January 1, 2016 to August 17, 2017, U.S. K-12 public schools and districts were reported to have experienced at least 199 separate cyber security-related incidents resulting in the disclosure of personal information, the loss of taxpayer dollars, and the loss of instructional time. Some of these incidents have resulted in identity theft, as well as criminal charges for the perpetrators.
Follow updates to the K-12 Cyber Incident Map on Twitter at: @K12CyberMap
Why Was it Created?
The K-12 Cyber Incident Map was created to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts. As public education increasingly relies on technology for teaching, learning, assessment and school operations, it is imperative that effective policy and practice is in place to protect children and youth, as well as taxpayer-funded equipment and services. It also is intended to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
For related writing and research about these issues, please see:
- K-12 Cyber Incident Map: 8 School Districts Have Experienced Multiple Cyber Incidents Since 2016
- Everything’s Bigger in Texas…Including (Maybe) the Data Breaches
- There Can Be No Privacy Without Security: Emerging Lessons from the K-12 Cyber Incident Map
- Three Lessons from the Google Docs Phishing Scam: K-12 Education Edition
- Should We Be Sending Students Who Hack Their Schools to Jail?
- Introducing the K-12 Cyber Incident Map
- How Should We Address the Cybersecurity Threats Facing K-12 Schools?
- IRS Official to Schools: “One of the Most Dangerous Email Phishing Scams We’ve Seen”
- Three Questions for Every School District About Their Student Data Security Practices
- Are Schools Helpless, Hapless When it Comes to IT Privacy and Security?
Where Does the Data Come From?
This map and underlying dataset was painstakingly assembled from a variety of sources, including extensive online searches and consultation with experts. Publicly available compilations include:
- The Privacy Rights Clearinghouse maintains a database of public breaches that includes some information about school incidents.
- Databreaches.net offers a comprehensive history of education-related incidents.
- The Identity Theft Resource Center tracks U.S. data breaches, including those affecting schools.
Nonetheless, the dataset underlying this map is undeniably incomplete, perhaps by orders of magnitude, and may contain errors. Neither school districts nor their vendors are compelled to make public disclosures of every potentially significant incident (if required at all by state data breach notification laws), and media reports can be short and ambiguous.
How Can I Report an Incident? How Can I Contribute?
The K-12 Cyber Incident Map will be periodically updated as new information from reliable sources becomes available. If you would like to report an incident, correct an error, or are interested in contributing to this effort in another way, please email info[at]edtechstrategies.com or use another method to contact me directly with your query.