Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Craig Hale

School software breach reveals private data on millions of users

A computer screen showing a spreadsheet in use.

Experts have uncovered a significant data breach involving a non-password-protected database containing more than four million records, totalling around 827GB, concerning private school data.

Cybersecurity researcher Jeremiah Fowler said the breach at Texas-based school security company Raptor Technologies includes sensitive school safety records and personally identifiable information relating to students, parents, and staff.

While reviewing a sample of the documents, Fowler discovered school layouts, information about malfunctioning cameras and security gaps, background checks, student health information, court-ordered protection orders, and more.

School data breach

Raptor Technologies has since taken action to secure the files, but how long they were leaked for and whether anybody else had gained access to them remains unconfirmed.

Fowler outlined hypothetical scenarios of misuse, emphasizing the huge risks associated with the exposed information that could prove to be seriously harmful to those involved, including schoolchildren and minors.

The report cites National Center for Education Statistics records, revealing that 276 elementary and secondary school casualties and 157 postsecondary school casualties had been documented between 2000 and 2021 in active shooter incidents.

Keen to stress that the schools involved in the breach are not necessarily at any immediate risk, these figures paint a bleak picture of the potential implications of such a data breach.

Fowler also noted that the revelation does not imply active exploitation (which remains unconfirmed, but unlikely). Rather, that stronger security measures and awareness of the vulnerabilities that such data exposures can present are his aim.

He adds: “I imply no wrongdoing or neglect by Raptor Technologies. I also do not imply that there are any threats or risks to the schools, students, or staff. Our goal is to inform and raise awareness about potential vulnerabilities for the benefit of better data protection measures and security practices.”

TechRadar Pro has offered Raptor Technologies the opportunity to share a comment on the findings. Any response will be posted here.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.