Galloway Township Public Schools, a New Jersey public school district, has lost $200,000 due to a "cybersecurity incident," Superintendent Annette Giaquinto told Press of Atlantic City.
The cybersecurity incident involved two fraudulent wire transfers of $200,000 each, Giaquinto noted. District officials found out about the incident on September 27.
District officials have recovered one of the wire transfers thus far, Giaquinto indicated. They also are making efforts to recover the remaining balance.
In addition, district officials have launched an investigation into the cybersecurity incident, Giaquinto stated. They believe the incident is limited to district staff members' login credentials, Giaquinto said, and do not believe students or their families have been affected.
Data Privacy Issues Plague School Districts Nationwide
School districts nationwide are susceptible to cyberattacks, due in part to a lack of data privacy training for teachers.
Seventy-four percent of U.S. teachers have used classroom apps not required by their school district in which they have entered sensitive academic or behavioral student data, according to a survey conducted by the Parent Coalition for Student Privacy (PCSP). Also, the PCSP survey indicated that 68 percent of teachers said they have received no training from their schools on how to minimize the chances that personal data will be breached or abused.
More than 350 cybersecurity incidents have been publicly documented by U.S. K-12 schools since January 2016, PCSP reported. However, with the proper training, teachers could help school districts minimize the risk of cybersecurity incidents.
Tips to Help School Districts Reduce Cyber Risk
PCSP offered the following recommendations to help school districts reduce or eliminate cyber risks:
- Teach educators about federal and state employment and social media laws, along with school, district or other data privacy policies.
- Review the privacy policy or terms of service (TOS) of any app or program used in a classroom to determine if it complies with state and federal privacy laws.
- If possible, don't use social media for school-related purposes.
- Avoid apps or online programs that have not been vetted by a district technology officer.
MSSPs also can partner with school districts to promote cybersecurity awareness and training. With MSSP support, school districts can determine the best ways to safeguard their critical data and infrastructure against cyberattacks.
