A naukri.com initiative
TechCrunch
5d
16
Image Credit: TechCrunch
How victims of PowerSchool’s data breach helped each other investigate ‘massive’ hack
- PowerSchool, an EdTech giant that provides cloud-based education software, suffered a data breach on December 28 of last year in which the private and personal information of millions of students and teachers was compromised.
- School administrators who use the breached system began to connect with each other in order to investigate the extent of the breach, mostly because of PowerSchool's poor communication and lack of information on what had been compromised. This resulted in a how-to guide being created to help others investigate their own breach, which became almost viral within the PowerSchool community.
- There have been calls to improve the cybersecurity infrastructure in education. Education has to rely on open collaboration through more informal, sometimes public channels, because they lack the funding and expertise to employ a full cybersecurity workforce.
- The K-12 sector is becoming increasingly targeted, with the insights gained via the PowerSchool breach expected to be of significant value to hackers in their work elsewhere.
- The schools and institutions impacted by the breach will have to provide access to credit monitoring services for all involved, and to take other steps such as contacting identity protection bureaus to prevent their personal information being used for financial impropriety or other nefarious purposes.
- The incident may help raise awareness about the vulnerability of educational institutions to cyberattacks and highlight the importance of investing in appropriate protection. The responsibility for maintaining school cybersecurity is often assigned to people with little knowledge of the subject.
- The lack of funding to maintain and invest in cybersecurity infrastructure is cited as a major inhibitor to ensuring that student data and information is effectively protected. To ensure that schools can protect this information, more funding and better cybersecurity awareness raising for school site personnel will be necessary.
- Schools that have suffered a cyber-incident may see significantly increased insurance premiums, especially if there are insurers that are willing to cover schools. Current policies for schools generally only cover a small portion of the aftermath of a successful cyber-attack.
- Increased security measures set up on school websites or applications risk unintentionally creating a disadvantage for underprivileged students who might lack the resources to access the digital tools necessary for remote learning under such circumstances.
- The data breach of PowerSchool, among one of the largest in the education sector in recent memories, has highlighted the need for more cybersecurity expertise in the sector. The market is sensitive to the challenges facing institutions and, as a result, incumbent EdTech companies investing in cybersecurity may frequently serve as attractive acquisition targets for larger firms looking to enter the market.
Read Full Article
Like
For uninterrupted reading, download the app