chat
expand_more

Education Sector Hit Hard: 650,000 Emails Exposed in Recent Cyberattacks

Cyberattacks on schools have surged, exposing 650K+ records in the last 60 days. As the school year begins, phishing is a key threat to students, teachers, and staff.
August 28, 2024

Summer is coming to an end, and schools are starting to gear up for the new year, but one troubling trend is emerging. Educational institutions across the United States are becoming easy prey for cybercriminals. Several recent data breaches exposed the email addresses of thousands of students, teachers, and staff.

More than 650,000 records from several educational institutions were hacked in the last 60 days. This trend suggests an increase in targeted cyberattacks as schools get ready for the new 2024 academic year.

June 13: Data Breach Impacts 46,169 University Students

On June 13, 2024, a significant breach occurred involving the data of 46,169 university students in the United States. This sensitive information was shared on a cybercrime forum, putting these students at risk. The breach included personal details such as names, email addresses, and other identifiers, leaving students vulnerable to identity theft and other forms of cyber exploitation.

Education Attacks 1 University Students Hack

June 13: 576,735 Records Exposed in Elementary School Teachers' Data Breach

On the same day, another breach was posted, this time affecting elementary school teachers in the United States. Data from Agile CRM, a customer relationship management platform, was leaked, including 576,735 records related to teachers' personal information.

Education Attacks 2 Elementary Teachers Hack

While the attacker initially shared 1,000 rows for free, they also offered an additional 500,000 rows for sale. This breach compromised not only the teachers' email addresses but also their professional credentials—making them targets for phishing schemes designed to harvest even more sensitive information.

July 10: Data Breach Targeting Rowan College at Burlington County Compromises 27,000 Records

Just a month later, Rowan College at Burlington County (RCBC) in New Jersey became the victim of a significant cyberattack. In this incident, 27,000 records were posted online, including personal and contact details of students and staff.

Education Attacks 3 RCBC Hack

With email addresses and other contact information exposed, RCBC students and faculty are now at increased risk of being targeted by phishing attacks designed to extract more information or compromise their online accounts.

July 19: $200 Million IT System Breach Impacting 25,000

The most alarming breach occurred on July 19, 2024 when a cybercriminal gained access to a major IT system associated with an educational institution that generates $200 million in revenue. The attacker managed to obtain two CSV files containing employee emails and messages—along with the ability to send official emails, extract data, and reveal the institution’s database type.

Education Attacks 4 250mm Edu Institution Hack

Additionally, the breach impacted 25,000 connected computers, further expanding the potential damage. This incident is particularly concerning because it not only compromised personal data but also granted the attacker significant control over the institution’s communications and data systems.

Phishing Is the Primary Attack Vector

Adding up the numbers demonstrates the staggering scale of these breaches. More than 650,000 records have been compromised across multiple educational institutions, with email addresses being the common targets in all breaches. The sensitivity of the data involved—from student records to employee communications—suggests that the main threat here is an explosion of phishing attacks.

For example, a student whose email was exposed in the June 13 university breach may get an apparent email from their school's IT department claiming their account has been compromised, which includes a link to a fake login page to "reset" their password. If they enter their credentials, the attacker can access their real account and possibly steal their identity or gain unauthorized access to other personal or financial information.

Similarly, a breach of the IT system of a major educational institution on July 19 is alarming. With official emails in hand, attackers could mount a phishing campaign that looks legitimate to employees and cause widespread credential theft.

Get AI-Powered Protection Against Email Threats

A new wave of cyberattacks against the education sector shows that no institution is immune to such threats—and they are likely only going to increase as students and teachers return to campus.

Detecting and blocking sophisticated threats requires AI solutions that analyze communication patterns in real time, spot anomalies, and adapt to new tactics. With an AI-native email security platform like Abnormal Security, you can proactively deter phishing before it reaches your inboxes.

Ready to see how Abnormal can prepare your institution for what lies ahead? Request a demo today to see how we’re protecting humans with AI.

Schedule a Demo
Education Sector Hit Hard: 650,000 Emails Exposed in Recent Cyberattacks

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Proofpoint Customer Story Blog 8
A Fortune 500 transportation and logistics leader blocked more than 6,700 attacks missed by Proofpoint and reclaimed 350 SOC hours per month by adding Abnormal to its security stack.
Read More
B Gartner MQ 2024 Announcement Blog
Abnormal Security was named a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms and positioned furthest for Completeness of Vision.
Read More
B Gift Card Scams Tricker to Spot Blog
Learn why gift card scams are becoming more difficult to identify, how cybercriminals evolve their tactics, and strategies to protect your organization.
Read More
B Offensive AI 12 16 24
Learn how AI is used in cybersecurity, what defensive AI vs. offensive AI means, and how to use defensive AI to combat offensive AI.
Read More
B Proofpoint Customer Story Blog 7
See how Abnormal's AI helped a Fortune 500 insurance provider detect 27,847 threats missed by Proofpoint and save 6,600+ hours in employee productivity.
Read More
B Cyberattack Forecast Emerging Threats Blog
Uncover the latest email threats and strategies to strengthen your cybersecurity and prepare for 2025.
Read More