Experts have uncovered a significant data breach involving a non-password-protected database containing more than four million records, totalling around 827GB, concerning private school data.
Cybersecurity researcher Jeremiah Fowler said the breach at Texas-based school security company Raptor Technologies includes sensitive school safety records and personally identifiable information relating to students, parents, and staff.
While reviewing a sample of the documents, Fowler discovered school layouts, information about malfunctioning cameras and security gaps, background checks, student health information, court-ordered protection orders, and more.
School data breach
Raptor Technologies has since taken action to secure the files, but how long they were leaked for and whether anybody else had gained access to them remains unconfirmed.
Fowler outlined hypothetical scenarios of misuse, emphasizing the huge risks associated with the exposed information that could prove to be seriously harmful to those involved, including schoolchildren and minors.
The report cites National Center for Education Statistics records, revealing that 276 elementary and secondary school casualties and 157 postsecondary school casualties had been documented between 2000 and 2021 in active shooter incidents.
Keen to stress that the schools involved in the breach are not necessarily at any immediate risk, these figures paint a bleak picture of the potential implications of such a data breach.
Fowler also noted that the revelation does not imply active exploitation (which remains unconfirmed, but unlikely). Rather, that stronger security measures and awareness of the vulnerabilities that such data exposures can present are his aim.
He adds: “I imply no wrongdoing or neglect by Raptor Technologies. I also do not imply that there are any threats or risks to the schools, students, or staff. Our goal is to inform and raise awareness about potential vulnerabilities for the benefit of better data protection measures and security practices.”
TechRadar Pro has offered Raptor Technologies the opportunity to share a comment on the findings. Any response will be posted here.
More from TechRadar Pro
- Boost your cybersecurity with the best endpoint protection software and best firewalls
- Major data breach leaks highly sensitive donor records of multiple charities
- These are the best cloud storage providers to keep your data off-prem
