Schools Are a Hot Target for Data Thieves

Going to school is a meaningful part of every child’s life, no matter what kind of educational setting they attend. It’s filled with exciting new experiences, but unfortunately, it can also include some frustration and even some heartache before your students complete their education.

Of all the things that parents worry about for their kids, though, identity theft might be low on the list. Recent reports, however, show that parents should pay closer attention to the threat of thieves who target schools.

Child identity theft has been a serious problem for quite some time since kids typically don’t have a credit file and therefore provide a “clean slate” when it comes to their credit reports. Also, children and their parents tend not to monitor the minor’s credit report; that means any criminal activity using a child’s identity can go unnoticed for years and years. As such, school computer networks are literally a treasure trove of identities, ripe for the stealing.

Unfortunately, that’s just one of the reasons schools are attacked. In 2016, four school districts in Florida were infiltrated by hackers from Morocco who sought to tamper with the election process. That might sound pretty far-fetched; after all, what do elementary school students have to do with voting? But as numerous third-party data breaches of major retailers have shown, sometimes the locked door you want to enter can be accessed through a different, less secure door. After infiltrating school district networks and turning off the logging software that monitors who has accessed sensitive files, the hackers were hoping to sidestep into other state government networks. In order to make sure they weren’t monitored, they first accessed the personal data for hundreds of thousands of students.

While these issues can lead to an attack on public schools, universities and colleges hold an entirely different goal for hackers: proprietary research. Institutions of higher education are often research centers as well, many of them government or corporate grant-funded. The information that can be stolen from a single university lab can be sold for an outrageous amount of money to an unscrupulous individual who would rather use someone else’s research than spend years of time conducting their own research. The sad reality in those instances is this: once a hacker breaks into a university network to steal research data, the students’ identities are just another potential goldmine to be grabbed on the way out.

The final characteristic that makes schools of any grade a target for data thieves is quite simply their budget constraints. Too many schools don’t have strong cybersecurity safeguards in place or are held to the constraints of using an outdated security protocol that was approved by a board ages ago. Without up-to-date cybersecurity protocols, they literally can’t keep hackers out.

But what does this mean for parents? It should speak to a need for caution. Think before handing over your child’s personal information, and make sure you take action if you notice anything suspicious, like credit card offers, bills or statements for medical care they didn’t receive, or a jury summons arriving in your child’s name. You can’t stop hackers from attacking your child’s school, and you can’t force the school to update their networks. You can, however, try to ensure that the information a hacker finds on your child is useless.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.