FBI Warns Parents of Edtech Security Risk

The FBI has warned US parents that school use of educational technology could be putting their children at risk from identity theft, cyber bullying and more.

Edtech platforms are an increasingly popular way to improve student collaboration and personalize learning experiences, but they also harvest highly sensitive data on students, according to the Feds.

This includes PII, biometrics, medical information, geolocation and classroom activities.

“In late 2017, cyber actors exploited school information technology (IT) systems by hacking into multiple school district servers across the United States. They accessed student contact information, education plans, homework assignments, medical records, and counselor reports, and then used that information to contact, extort, and threaten students with physical violence and release of their personal information,” noted the FBI alert.

“The actors sent text messages to parents and local law enforcement, publicized students’ private information, posted student PII on social media, and stated how the release of such information could help child predators identify new targets.”

Edtech companies themselves can also be targeted: one vendor last year was found to have exposed internal data on a publicly accessible server, while another was breached, with student data ending up for sale on the dark web, according to the FBI.

The Bureau also warned of hackers targeting mobile devices used alongside edtech to get at sensitive data or monitor students via cameras and mics.

The public service announcement encouraged parents and families to discuss with local districts how edtech is used in their schools, consider identity theft monitoring for their kids, research previous school breaches for more contextual information, and more.

What’s Hot on Infosecurity Magazine?