Cyber Security

School Districts Fall Victim to Cybersecurity Threats

K12 SIX Releases 2022 Edition of “State of K-12 Cybersecurity: Year in Review” Report

The “State of K-12 Cybersecurity: Year in Review” report is a product of the Kindergarten Through Twelfth Grade Security Information Exchange (K12 SIX), based on data from the K-12 Cyber Incident Map, the definitive source of information about publicly disclosed cyber incidents affecting U.S. public schools and education agencies.

During the 2021 calendar year, the most recent K12 SIX report cataloged 166 publicly-disclosed cyber incidents affecting 162 school districts across 38 states. For the first time ever, ransomware represented the most frequently disclosed incident type. Ransomware attacks against schools during 2021 commonly resulted in school closures with unbudgeted remediation and recovery costs ranging from hundreds of thousands to many millions of dollars.

Data breaches represent the second most common incident type tracked. As in previous years of the report, most data breaches involved confidential information of current and former students and—to a lesser degree—teachers and other staff. The most significant vector for data breaches were school vendors and suppliers. In fact, since 2016, 55% of all publicly-disclosed K-12 data breaches have been the result of compromised vendors.

This “State of K-12 Cybersecurity: Year in Review” report is the fourth in an annual series designed to shed light on cybersecurity incident trends in the U.S. K-12 public education sector, based on a data source that the U.S. Government Accountability Office (GAO) found to be the “most complete resource that tracks K-12 cybersecurity incidents, including student data breaches.”

Since 2016, this research effort has identified a total of 1,331 publicly disclosed school cyber incidents across a wide array of incident types, including:

• Student data breaches
• Data breaches involving teachers and school community members
• Ransomware attacks
• Business email compromise (BEC) scams
• Denial of service (DoS) attacks
• Website and social media defacement
• Online class and school meeting invasions
• Other incidents

Averaged over the last six years, this equates to a rate of more than one publicly reported K-12 cyber incident being experienced by the nation’s schools per school day, with the estimate of the actual number of incidents many times that amount.

For more data and analysis on cyberattacks against K-12 schools, download the report. The document also offers concrete recommendations school districts can take to improve their security, including by leveraging information sharing, implementing baseline security controls, and by improving the vetting of vendors and suppliers.

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to

Related posts

DKBinnovative celebrates 7th Year on Inc. 5000

PR Newswire

Presidio Bolsters Comprehensive Cybersecurity Sol with Active Response

Business Wire

VVDN Technologies and Axiado announced collaboration

PR Newswire