Long-time Slashdot reader phalse phace quotes NBC News: Most don’t have bank passwords. Few have credit scores yet. And still, parts of the internet are awash in the personal information of millions of schoolchildren.
The ongoing wave of ransomware attacks has cost companies and institutions billions of dollars and exposed personal information about everyone from hospital patients to police officers. It’s also swept up school districts, meaning files from thousands of schools are currently visible on those hackers’ sites.
NBC News collected and analyzed school files from those sites and found they’re littered with personal information of children. In 2021, ransomware gangs published data from more than 1,200 American K-12 schools, according to a tally provided to NBC News by Brett Callow, a ransomware analyst at the cybersecurity company Emsisoft.
Some schools contacted about the leaks appeared unaware of the problem. And even after schools are able to resume operations following an attack, parents have little recourse when their children’s information is leaked. Some of the data is personal, like medical conditions or family financial statuses. Other pieces of data, such as Social Security numbers or birthdays, are permanent indicators of who they are, and their theft can set up a child for a lifetime of potential identity theft.