- Personal data from Prince George’s County Public Schools in Maryland “may be released online” by those behind a cyberattack earlier this month affecting 4,500 district user accounts out of 180,000, according to a statement from the district.
- The district, which is one of the 20 largest in the U.S., said it was still not aware of the exact information that could be leaked nor the full extent to which users' data could be affected.
- In the meantime, the school system said it is working to conduct a detailed review of all potentially compromised data. The process is expected to take several weeks, and the district plans to offer all staff and students access to free credit monitoring and identity protection services.
As more details arise on the impact the Prince George’s County cyberattack may have on students and staff, the incident reflects — once again — the severe consequences districts can face following a data breach.
It’s possible, even likely, that sensitive school data can be leaked if a district’s network is hit, putting individuals at risk for financial or identity theft. For instance, Minneapolis Public Schools saw its data accessed and shared publicly earlier this year after a ransomware gang claimed responsibility for a cyberattack.
Depending on the nature of the incident, hackers can even steal sizable school funds or demand thousands of dollars from a district in exchange for its seized data. And because schools and districts are increasingly refusing to pay ransoms, hackers are upping the ante by releasing highly sensitive data, as seen with Minneapolis schools and the Los Angeles Unified School District.
Schools can be a prime target for cybercriminals as they often lack staff and resources to protect their vast, sensitive information. Given that, federal efforts are ramping up to address the issue. To bolster K-12 cybersecurity, the White House and the departments of Education and Homeland Security released guidance in August and announced a mix of public and private partnerships to spur more solutions.
Even as federal officials look to streamline help, the latest cyberattack against Prince George’s reveals there’s a long way to go until schools can feel fully prepared and protected from the evolving cyber threats.