The K-12 Cyber Incident Map: Frequently Asked Questions (FAQ)
What Does it Show?
Since January 1, 2016, U.S. K-12 public schools and districts were reported to have experienced hundreds of cyber security-related incidents resulting in the disclosure of personal information, the loss of taxpayer dollars, and the loss of instructional time. Some of these incidents have resulted in identity theft, as well as criminal charges for the perpetrators.
How Can I Keep Up-to-Date on New Incidents?
Follow updates to the K-12 Cyber Incident Map via Keeping K-12 Cyber Secure, the newsletter of the K-12 Cybersecurity Resource Center.
Why Was it Created?
The K-12 Cyber Incident Map was created to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts. As public education increasingly relies on technology for teaching, learning, assessment and school operations, it is imperative that effective policy and practice is in place to protect children and youth, school employees, and taxpayer-funded equipment and services. It also is intended to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
Where Does the Data Come From?
This map and underlying dataset is painstakingly assembled from a variety of public sources and news reports, including extensive online searches and consultation with experts. Related publicly available compilations include:
- The Privacy Rights Clearinghouse maintains a database of public breaches that includes some information about school incidents.
- Databreaches.net offers a comprehensive history of education-related incidents.
- The Identity Theft Resource Center tracks U.S. data breaches, including those affecting schools.
Nonetheless, the dataset underlying this map is undeniably incomplete and may contain errors. Neither school districts nor their vendors are compelled to make public disclosures of every potentially significant incident (if required at all by state data breach notification laws), and media reports can be short and ambiguous.
How Can I Report an Incident? How Can I Contribute?
The K-12 Cyber Incident Map is updated as new information from reliable sources becomes available. If you would like to report an incident, correct an error, or are interested in contributing to this effort in another way, please contact us directly with your query.
If you benefit from this work, please consider becoming a supporter today.