Hackers are focusing their attention on educational institutions more than ever before. This might sound like a waste of time, right? Why would someone want to hack a school district when there are other options that seem more logical, for example, financial institutions and banking apps? However, looking at this from a hacker’s perspective, it will begin to make much more sense. There are many reasons a hacker would target a school district, with the primary being something they love the most: DATA.

First, let’s begin with employees since hacking their information seems very useful. The vast amount of demographic and administrative data of employees the school or district collects is a treat for hackers. This can be personal information, such as their names, addresses, dates of birth, and photos, as well as more sensitive information like their Social Security numbers, banking information, education credentials, and work records.

Moving ahead to the next set of targets, we come to the students. Schools often retain a lot of information about their students, including complete names, home addresses, birthdays, health records, and the PII associated with the guardians of the students. This information is enough for financial fraud. Student personal information is valuable since criminals can use it to obtain credit. If they succeed in identity theft, they can create several accounts using the student’s credentials, thereby ruining the student’s credit. What makes this worse is how long it can take for someone to realize it has happened. It is only when they try to build credit or even apply for a college loan at age 18, do they uncover that they are a victim.

For instance, hackers released information about students and employees after the attack on a Public School in Ohio. The breach contained information like social security numbers, home addresses, and more basic data like names, dates of birth, and gender. Surprisingly, a few months later, a father noticed someone had started attempting to apply for a credit card and a vehicle loan in the name of his elementary school-aged child. Cases like this show what attracts hackers to the vast data available in school districts, highlighting the need to improve their cybersecurity.

People have historically chosen to live in a particular neighborhood based on the reputation of the public school. Maybe it is the reputation for educational excellence, a renowned sports program, or historical significance that drove a student’s decision to enroll. But in the future, it should not come as a surprise if decisions become rooted in how confident the student is regarding the security of their personal information. Additionally, how will states react to cybersecurity spending when the state-aided districts require incident response and reactive emergency cybersecurity spending.