« Many Students Still Lack Home Internet. Here's How Big the Problem Is. | Main | Which States Have the Biggest Home Internet Access Gaps for Students? »

Large, Well-Off Suburban Districts Most Likely to Get Hacked

Thumbnail image for data-hack-Getty-article.jpg

Big. Wealthy. Suburban. Those are the school districts most likely to report a data breach, according to a report released Thursday by the Government Accountability Office, Congress' investigative arm. Cybersecurity is an especially sensitive issue right now, as schools around the country are operating virtually to avoid spreading COVID-19

The agency found that districts where 25 percent or fewer students are eligible for free or reduced-price lunch comprised 26 percent of reported breaches, although they make up only 15 percent of all districts across the country.

And it found that suburban districts were more likely to be the target of attacks than urban or rural districts. Suburban districts made up 61 percent of districts with breaches, although they are only 39 percent of school districts overall. On the other hand, rural districts comprised 21 percent of districts with reported breaches even though they make up 42 percent of school districts overall. Urban districts comprise 19 percent of all districts, but 17 percent of districts with reported data breaches.

What's more, larger districts also tend to be targets of reported attacks more often than smaller districts. School districts with fewer than 1,000 students comprise 60 percent of all districts, but just 18 percent of those with reported hacks. Meanwhile, districts with more than 10,000 students make up just 5 percent of districts overall, but comprised 30 percent of reported hacks,

Why might that be? Experts who spoke to the GAO said that, for one thing, it might be easier to target larger districts since they are likely to have more staff members and, therefore, more people to respond to a potential phishing email. And bigger, wealthier districts are more likely to use more technology than smaller, poorer districts, which also provides more opportunities for a breach. Wealthy, large, suburban districts are also more likely to have people constantly monitoring their networks (such as a chief technology officer) and may notice an attack which less well-resourced district may not.

More than half of data breaches are intentional, the report found, while about a quarter are accidental. When the breach was intentional, students were most often responsible. And grade changes were the most common motivation. When the breach was an accident, staff were most often responsible. For instance, staffers might email data to the wrong recipients or post it on a public website, which is considered a breach.

GAO snip.PNG

The GAO's analysis relied on data from the K-12 Cybersecurity Research Center, which you can check out here.

Image: Getty

Notice: We recently upgraded our comments. (Learn more here.) If you are logged in as a subscriber or registered user and already have a Display Name on edweek.org, you can post comments. If you do not already have a Display Name, please create one here.
Ground Rules for Posting
We encourage lively debate, but please be respectful of others. Profanity and personal attacks are prohibited. By commenting, you are agreeing to abide by our user agreement.
All comments are public.

Follow This Blog


Most Viewed on Education Week



Recent Comments

  • reflections apartments: AIMCO and cock roaches read more
  • reflections casselberry: AIMCO and cock roaches read more
  • tworzenie stron internetowych RzeszĂłw: As I web site possessor I believe the content matter read more
  • reflections apartments: http://www.youtube.com/watch?v=_lyhMey4CVE read more
  • Free Twitter Marketing: My Brother just mentioned this website to me, and told read more