Impact of Cybersecurity Risks on Young Students
Upon learning about a data breach in her children’s school system in February 2023, Celeste Gravatt initially underestimated the severity of the situation. Initially labeled as a “system incident” by Minneapolis Public Schools officials, the breach escalated to a critical level, eventually termed as “a cybersecurity risks young students event.”
Gravatt, a parent with children in Minneapolis schools, only grasped the gravity of the attack after discovering the full extent of the breach on social media. The cyberattack on Minneapolis Public Schools was deemed one of the most catastrophic in history, involving the theft of sensitive district data, including identifiable information about students. The hackers demanded a ransom from the district, and upon refusal, released the compromised data online, exposing Social Security numbers, security details, and confidential information like records of sexual assaults and psychiatric holds.
This incident highlights the pressing issue of cybersecurity risks young students face. With school systems relying heavily on technology, cyberattacks on these systems and the sensitive data they house are becoming more prevalent. While the exact number of K-12 school systems targeted by hackers remains unclear, reports indicate a significant increase in attacks, with 108 districts reporting breaches in 2023, more than double the previous year’s count.
Minneapolis Public Schools’ Response
Despite declining interview requests, Minneapolis Public Schools acknowledged the breach through a written statement, notifying over 105,000 potentially affected individuals. Gravatt emphasized the enormity of the breach, highlighting the exposure of not only school records but also private health information and other confidential data that is now vulnerable to exploitation.
This incident reflects a concerning national trend where hackers are increasingly targeting a surprising demographic – young public school students. With school systems relying heavily on technology, cyberattacks on these systems and the sensitive data they house are becoming more prevalent. While the exact number of K-12 school systems targeted by hackers remains unclear, reports indicate a significant increase in attacks, with 108 districts reporting breaches in 2023, more than double the previous year’s count.
The repercussions of such data breaches can have long-lasting effects on students well into their adult lives. Student data, encompassing disciplinary records, medical histories, and special education information, can be held hostage by hackers who threaten to expose this sensitive data unless a ransom is paid, mirroring the events in Minneapolis. Furthermore, this data can be exploited for identity theft, with children’s information being particularly valuable to cybercriminals.
Doug Levin, the director of the K12 Security Information eXchange, notes that children’s identity information holds significant value for cybercriminals, despite children not having individual financial resources. The theft of a child’s identity can lead to extensive repercussions, as parents may not actively monitor their children’s credit activities, allowing malicious actors to misuse this information to open fraudulent accounts, accumulate debt, and apply for loans in the child’s name. Consequently, cybercriminals can exploit minors’ credit records for an extended period before any detection occurs.
Educational Institutions Hold Vast Amounts of Information
Many people mistakenly believe that schools only possess basic data like “Johnny and Susie’s algebra grades,” according to Levin.
In reality, schools collect a wide range of sensitive information. This includes details such as students’ allergies, disciplinary actions, family income, and legal mandates.
Impact of Cybersecurity Risks on Young Students
“Educators within school systems tend to hoard information over time, leading to unnecessary data accumulation,” Levin points out. This practice often results in data not being removed when it serves no purpose.
The recent breach in Minneapolis is described by Gravatt as a severe invasion of privacy, leaving her feeling violated on behalf of her children and herself. Having been a former student in the Minneapolis Public Schools, she also had personal data within the system.
Concerns are raised by advocates regarding the heightened vulnerability of Black and brown students in the event of a school system being compromised. A report from the Minnesota Department of Human Rights reveals that Black students in the state face an eight-fold higher risk of suspension or expulsion compared to their white counterparts.
Marika Pfefferkorn emphasizes that this disparity results in a greater volume of personal information being entered into the system for these students. As a co-founder of the Twin Cities Innovation Alliance, she aims to educate and empower parents on the potential misuse of data collected about their children.
Pfefferkorn underscores that the extent of information gathered on a student, whether related to housing, custody, or eligibility for free lunch, directly correlates with their susceptibility following a data breach.
The Impact on Students’ Future Due to Cybersecurity Risks
Cybersecurity risks targeting young students can have severe long-term consequences. These risks may resurface later in life and negatively impact individuals well into adulthood.
For instance, if a student has a history of drug use that they have successfully overcome, or if they possess disciplinary records that should have been removed but are now publicly accessible, this information could resurface during crucial times such as college applications, job interviews, or court proceedings.
“Even minor details like information on past suspensions could potentially lead to a young person facing a more severe sentence,” warns Pfefferkorn.
Cybersecurity Risks for Young Students
Following the breach in Minneapolis, Pfefferkorn highlights that some students, whose sexual assault records were exposed, became targets of doxing and bullying by their peers. Levin, an expert in cybersecurity, emphasizes the potential devastating consequences of certain information being made public.
“In today’s polarized society, issues like gender identity, pregnancy, or immigration status can be highly sensitive. If such information were to be disclosed about specific individuals at particular times, it could pose life-threatening risks.”
Families may find it overwhelming to recover from cybersecurity risks affecting young students
Minneapolis Public Schools offered free credit monitoring services for one year to those affected, along with advice on safeguarding against identity theft and fraud, amidst cybersecurity risks young students face.
When it comes to cybersecurity risks young students, and families are advised to follow a comprehensive set of recommendations. These include actions like setting up a fraud alert and security freeze on their credit file, getting in touch with national consumer reporting agencies, and contacting authorities like the Federal Trade Commission, their state attorney general, and local law enforcement if they believe there has been an attempted identity theft.
Minneapolis parent Rachael Flanery expressed feeling extremely overwhelmed. She finds it unrealistic to expect parents to fulfill all the tasks recommended by the school district.
Flanery, a parent of two young children in the school system, ultimately took no action regarding cybersecurity risks facing young students.
“I attempted to ignore the situation, adopting an ostrich approach. I chose to remain oblivious, thinking that if confronted with the news that my 7-year-old had made an unauthorized purchase, I would address the issue promptly and aim to have the charges reversed.”
Her family relocated to a new school district, prompting Flanery to reflect on the unsettling experience. As a parent, her primary concern has always been her children’s physical well-being. However, the recent shift has also heightened her apprehension about cyber safety. The evolving landscape of cybersecurity risks young students has now become an additional worry for her.
Parental Concerns About Cybersecurity Risks for Young Students
Expressing her worries about cybersecurity risks young students face, Celeste Gravatt, a parent, took proactive measures by securing her kids’ credit to prevent unauthorized account openings. Her primary fear revolves around the potential exposure of her child’s health information, causing persistent anxiety whenever the thought crosses her mind.
“Being someone who isn’t particularly adept with technology, I often ponder about cybersecurity risks young students face. The thought of someone accessing unauthorized information without my knowledge is concerning. Would I realize it before it’s too late? It’s uncertain.”
In charge of editing: Nicole Cohen, responsible for visual design and development: LA Johnson, and overseeing the production of the audio story: Lauren Migaki.
