Like big businesses, schools gather a lot of data. Unlike big businesses, they don’t have many IT and security resources to protect that information. Schools collect names and birth dates, social security numbers, discipline records and health records. With this data, thieves can create fake online identities, or sell the students’ information and identities.
According to recent research by EdTech Strategies, more than 25 percent of school district websites embed user tracking tools that report sensitive user data back to Facebook. In the wake of a high-profile data-privacy scandal involving the social media company, schools and education organizations are taking a closer look at how and why they engage with Facebook.
Student data privacy advocates say the storm clouds around Facebook from the evolving Cambridge Analytica scandal are a reminder that schools, educators, and students should be asking tough questions about the third-party services on which they rely.
Cyber criminals’ increased interest in attacking education systems imperils students’ financial futures and privacy, and gives parents a reason to question whether schools are up to the task of protecting their kids’ personal data.
These are new threats facing schools. They are harming individuals. They are disrupting school schedules – and class time – and they are costing schools and taxpayers a lot of money. We need an effective and comprehensive response.
Both federal policies – FERPA and COPPA – presume that schools have the resources and knowledge to assess their own data security practices, to say nothing of their vendors. Emerging evidence says otherwise.
To better understand the cybersecurity challenges facing schools, Education Week talked with school leaders in Arizona, Connecticut, Montana, and Texas about the cybersecurity incidents they faced, and how they responded. They found that the country’s K-12 information-technology leaders are likely underestimating the dangers they face and that many are failing to take even basic steps to secure their networks and data.
Cyber attacks are increasingly hitting schools in the U.S., targeting sensitive student data. Why are hackers zeroing in on schools and students – and what can we do about it?