A local education firm Puget Sound Educational Service District reported a data breach incident that exposed the information of both students and teachers.
The company that helps public, private, and charter schools in the Kind and Pierce Countries said unauthorized access has been made on more than one occasion between spring and summer 2020.
Threat actors who accessed the company’s network managed to access student and teacher emails, containing complete names, birthdates, social security numbers, bank account information, and medical records.
Puget Sound Educational Service is still undergoing initial investigation to know the scope of the breach, leaving no definite answer to how the information was obtained and what further information was compromised.
Executive director Jessica DeBarro said the company is conducting an ‘extensive review’ of all the messages in its system, including all the documents. “The good news is, we have no evidence so far that this information was misused,” said DeBarro.
While the investigation is ongoing, Puget Sound Educational Service has put up new and enhanced security measures to prevent the same incident from happening. Whether or not the hackers were able to access the system through phishing, the company has overhauled its security place.
The company is also contacting those individuals who may be affected by the incident. The possible data exposed in the breach are notified and can reach out to the district through a special assistance hotline of 1-800-223-0837.
“We have a dedicated assistance line which people can call and get more information. We also have put out information on how to put security freezes on one’s credit,” said DeBarro.
Assistive services provided by companies like Puget Sound Educational Service is contracted to deliver and support quality education. These special services are created for regional agencies to help schools all over the country.
Meanwhile, these agencies get attacked by hackers too, because of the comprehensive data available, that could help threat actors obtain what they need. In this incident, it’s expected that hackers have obtained crucial data for fraudulent acts such as bank information and social security numbers.
Agencies are more vulnerable to the lack of superior security in place, leaving significant information open to the public. While the investigation is still ongoing, one thing’s for sure, Puget’s security requires tightening to keep all data safe and secure from threat actors and hackers.