The K-12 Cyber Incident Map
0 Incidents Since January 2016
The K-12 Cyber Incident Map is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present.** ‘Cyber’ incidents include:
- phishing attacks resulting in the disclosure of personal data (blue pins);
- other unauthorized disclosures, breaches or hacks resulting in the disclosure of personal data (purple pins);
- ransomware attacks (yellow pins);
- denial-of-service attacks (green pins); and
- other cyber incidents resulting in school disruptions and unauthorized disclosures (red pins).
The K-12 Cyber Incident Map is interactive. In addition to being able to shrink or enlarge the map, clicking on a pin will provide a summary of information about each specific incident, including the year the incident became public, the school/district involved, the incident type, a brief description of the incident, and the source of the data about the incident.
- A select list of K-12 specific cybersecurity resources and reports. [Last update: 1/15/18]
- A current list of schools and districts that have experienced more than one cyber incident since 2016 can be found here. [Last update: 10/6/17]
- A video playlist of TV news reports about select incidents reported on the K-12 Cyber Incident Map can be found here. [Last update: 1/6/18]
**Map last updated: January 15, 2018
The K-12 Cyber Incident Map: FAQ
What Does it Show?
Since January 1, 2016, U.S. K-12 public schools and districts were reported to have experienced at least 289 cyber security-related incidents resulting in the disclosure of personal information, the loss of taxpayer dollars, and the loss of instructional time. Some of these incidents have resulted in identity theft, as well as criminal charges for the perpetrators.
Follow updates to the K-12 Cyber Incident Map on Twitter at: @K12CyberMap
Why Was it Created?
The K-12 Cyber Incident Map was created to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts. As public education increasingly relies on technology for teaching, learning, assessment and school operations, it is imperative that effective policy and practice is in place to protect children and youth, school employees, and taxpayer-funded equipment and services. It also is intended to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
For related writing, research, and commentary about these issues, please see:
- Press Conference: Rockingham County (NC) Schools Respond to a Malware Attack (January 2, 2018)
- In the News: Criminals Make Schools’ Data a Target (December 24, 2017)
- On the Air: Ransomware Attack Leads to Student Data Breach in Texas Districts (December 20, 2017)
- Confronting K-12 Cybersecurity and the End of Innocence (December 18, 2017)
- In the News: Schools Struggle to Keep Pace With Hackings, Other Cyber Threats (November 29, 2017)
- The COPPA Rule, FERPA, and the Security of Student Data (November 17, 2017)
- Podcast: “Protecting Your Childrens’ Privacy against Google, Facebook…and their Schools” (November 4, 2017)
- On the Air: Hackers Target Student Data as Schools Report Increasing Cyberattacks (October 24, 2017)
- In The News: Hackers Target Nation’s Schools (October 23, 2017)
- In the News: On Cybercriminals Making Direct Threats Against Students (October 5, 2017)
- In the News: When Twitter Goes Bad (September 28, 2017)
- In the News: On School Surveillance Threats (September 21, 2017)
- K-12 Cyber Incident Map: 8 School Districts Have Experienced Multiple Cyber Incidents Since 2016 (August 18, 2017)
- Everything’s Bigger in Texas…Including (Maybe) the Data Breaches (August 12, 2017)
- There Can Be No Privacy Without Security: Emerging Lessons from the K-12 Cyber Incident Map (June 7, 2017)
- Three Lessons from the Google Docs Phishing Scam: K-12 Education Edition (May 6, 2017)
- Should We Be Sending Students Who Hack Their Schools to Jail? (April 22, 2017)
- Introducing the K-12 Cyber Incident Map (March 30, 2017)
- How Should We Address the Cybersecurity Threats Facing K-12 Schools? (March 14, 2017)
- In the News: Hackers Are Targeting Schools (February 17, 2017)
- IRS Official to Schools: “One of the Most Dangerous Email Phishing Scams We’ve Seen” (February 11, 2017)
- Three Questions for Every School District About Their Student Data Security Practices (June 28, 2015)
- Are Schools Helpless, Hapless When it Comes to IT Privacy and Security? (May 18, 2015)
Where Does the Data Come From?
This map and underlying dataset is painstakingly assembled from a variety of sources, including extensive online searches and consultation with experts. Publicly available compilations include:
- The Privacy Rights Clearinghouse maintains a database of public breaches that includes some information about school incidents.
- Databreaches.net offers a comprehensive history of education-related incidents.
- The Identity Theft Resource Center tracks U.S. data breaches, including those affecting schools.
Nonetheless, the dataset underlying this map is undeniably incomplete and may contain errors. Neither school districts nor their vendors are compelled to make public disclosures of every potentially significant incident (if required at all by state data breach notification laws), and media reports can be short and ambiguous.
How Can I Report an Incident? How Can I Contribute?
The K-12 Cyber Incident Map will be periodically updated as new information from reliable sources becomes available. If you would like to report an incident, correct an error, or are interested in contributing to this effort in another way, please email info[at]edtechstrategies.com or use another method to contact me directly with your query.