Aug 21, 2019, 2:29 PM
(From Wired) A recent case of student hacking revealed vulnerabilities in education software popular among K-12 schools — and underscored the gap between school security measures and the tech firms that sell these software systems. Bill Demirkapi, the 18-year-old student hacker, found a series of common web bugs in Blackboard and Follett’s software that allowed access to data from more than 5,000 schools, with roughly 5 million individual records in total. For Blackboard, that data included phone numbers, bus routes, attendance and immunization records. In Follet’s software, vulnerable data included grade point average, number of suspensions and unencrypted passwords. “The state of cybersecurity in education software is really bad, and not enough people are paying attention to it,” said Demirkapi. While both companies have fixed the software flaws that Demirkapi found, cybersecurity experts urge for bringing greater accountability to software companies that promise security.
Related Content
Cybersecurity Goes Beyond the Technology Office
Risk & Compliance: Cybersecurity and Master Planning
The General and the Diplomat: Protecting Data at Independent Schools
Listen to the latest episode of the Net Assets podcast.
