home.social

#edusec — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #edusec, aggregated by home.social.

  1. @argv_minus_one

    I'm not sure I understand why people are trying to research what schools use Canvas. ShinyHunters provided a list of all of the schools that were caught up in this attack:

    databreaches.net/wp-content/up

    That list has 8,809 entities listed.

    It's not the entire universe of schools that use Canvas, but it's probably an accurate list of the schools that may be affected. A sample list ShinyHunters provided for my earlier report on this incident showed file sizes for: communication_channels.csv.gz, conversation_messages.csv.gz, conversations.csv.gz, and users.csv.gz. There were about 7,780 schools in that sample.

    And yeah, hang on to your Tox because Session is closing in July, it seems.

    #Instructure #Canvas #ShinyHunters #hackandleak #EduSec #databreach

  6. OK, so it seems that #ShinyHunters breached #Instructure again and replaced login pages with their own message to schools about how to contact them directly.

    The Canvas login pages were replaced with the message in the screenshot below.

    Canvas subsequently replaced the login with "under maintenance" pages.

    #databreach #hackandleak #EduSec #cybersecurity

  11. Beginning circa 2010, I would call the NYS Comptroller's Office and the NYC Comptroller's Office to request audits of the NYC Department of Education's IT security, as the 2004 audit and re-audits identified major gaps and problems. My last post criticizing the absence of any current audit was published in 2023.

    They actually were conducting an audit between 2020 and 2025, and the state has just released the public part of the audit report.

    Read Chalkbeat's media coverage of the audit here: chalkbeat.org/newyork/2026/05/

    Read the public part of the audit report here:
    osc.ny.gov/files/state-agencie

    I've posted a few comments at
    databreaches.net/2026/05/05/ny

    #EduSec #NYCPS #audit #NYSComptroller #databreach #infosec #cybersecurity

  16. @funnymonkey Thanks for the kind words.

    Someone commented on my Instructure post with a comment as "Sysadmin." They wrote:

    "Are you effin kidding me! We got an Email from Instructure saying we were impacted and now we have to inform all the students and families in our district.

    Why do these ShinyHunters keep attacking the edtech sector?? PowerSchool, infinite campus and now this.

    It’s only a Sunday night and law enforcement has still done nothing about these hackers. Regulators really need to hold these companies accountable for poor security practices."

    They raise valid points.

    #edtech #EduSec #cybersecurity #vendor #supplychain #databreach #hackandleak

  21. Another #EdTech vendor has allegedly fallen prey to #ShinyHunters in yet another Salesforce-related hack-and-leak incident.

    Follett Software markets Aspen, Destiny, and Classroom Library Manager software to schools.

    The threat actors claim to have acquired 4 million records with PII and other corporate files, and have given Follett until May 4 to contact them.

    Because this is Salesforce related, there may actually be very little identifiable information about students or personnel in the customer support data, unless district or school personnel gave students' names or details in seeking help with the software or specific problems.

    I guess we'll find out soon.

    #EduSec #databreach #hackandleak

    @douglevin @funnymonkey @mkeierleber

  26. Tax documents for school employees potentially stolen across Los Angeles County:

    At least two districts seem to have reported that employees discovered false tax returns had been filed, but the districts haven't been named, so DataBreaches started looking and may have identified one (then again, it may not be one of them!).

    h/t, Los Angeles Daily News

    My post:
    databreaches.net/2026/04/18/ta

    #EduSec #databreach #IDtheft #TaxRefundFraud #cybersecurity #ransomware #Rhysida_Trojan

    @douglevin @funnymonkey @mkeierleber

  31. Several #EdTech folks asked me to review the #InfiniteCampus data dump by #ShinyHunters to see if any sensitive student data was leaked as part of it.

    I wrote up what I found here: databreaches.net/2026/03/28/th

    One takeaway for school districts is to remind employees NOT to include student PII or PHI in support tickets to vendors. I've been told it is sometimes required or necessary, but then why weren't tickets like the ones I saw stored with encryption?

    #databreach #EduSec #cybersecurity
    @mkeierleber @douglevin @funnymonkey

  32. "Manassas City Public Schools (MCPS) are closed on Monday due to a cybersecurity incident that has led to connectivity disruptions and phone outages across the school system, officials said.

    Dr. Kevin Newman, MCPS superintendent, said in a post on Facebook on Sunday that all MCPS schools will be closed on Monday, November 10, as a precautionary measure to ensure the safety and security of students, teachers, and staff. The school campuses are not at risk, he said."

    wjla.com/news/local/virginia-p

    @douglevin @funnymonkey @mkeierleber

    #EduSec #cybersecurity #databreach

  33. Entities rush to declare that data hasn't been stolen/they haven't been hacked. They often wind up looking like liars or just more incompetent when the hacker starts dumping or leaking data as proof.

    This week's example: U. of Pennsylvania, which quickly declared they hadn't been hacked and it was just a vulgar email sent out. The hacker seems to have proved otherwise.

    bleepingcomputer.com/news/secu

    #EduSec #databreach #cybersecurity #UPenn

  34. Two years after an audit highlighted significant concerns, the North Salem Central School District in New York is still leaving sensitive student data at risk.

    When I read audits and follow-ups like these, I wonder whether the parents of the students in the district are aware of these reports at all. Maybe local #PTAs should be forwarding copies of these reports to parents and asking the district why more hasn't been done to implement recommendations made years ago.

    osc.ny.gov/local-government/au

    And yes, some of you will remind me to have empathy for school districts and understaffed IT personnel. But if we don't want to see any Kido Schools breach here, we'd better start demanding more security and tolerating fewer explanations for inadequate security of student data.

    @douglevin @funnymonkey @mkeierleber

    #edusec #infosecurity

  35. Earlier today, Matthew Lane, the 19-year-old from Massachusetts who confessed to hacking a telecom and #PowerSchool, was sentenced to 4 years in prison, 3 years supervised release after that, $14M in restitution, and forfeiture of $160k.

    #EduSec #cybersecurity #ShinyHunters #G0retrance #databreach
