Lakeland Community College in Ohio has notified approximately 290,000 individuals of a data theft breach that occurred between March 7 and March 31. While specific details of the attack were not provided in the breach notification, it was earlier listed by the Vice Society ransomware group on its data leak website. The incident highlights the growing trend of educational institutions becoming favored targets for cybercriminals.
A Sophos survey found that around 80% of schools reported hacking incidents, including ransomware attacks, in the past year, underlining the vulnerabilities within the education sector.
Security researchers emphasize that cybercriminals are increasingly targeting the education sector, which often lacks adequate resources and technology compared to other industries. The breach at Lakeland Community College, while relatively small in scale, underscores the vulnerabilities in smaller educational institutions.
The incident exposed sensitive personal, financial, and health information of affected individuals, including Social Security numbers, birthdates, driver’s license numbers, financial account data, and more.
To address the rising threat to educational institutions, the U.S. federal government has initiated measures to enhance cybersecurity defenses in the education sector, particularly for K-12 schools.
These measures include training programs, cyber exercises, guidance documents, and proposed funding to strengthen the cyber defenses of school districts and public libraries. The breach at Lakeland Community College serves as a stark reminder of the urgent need for improved cybersecurity measures in the education industry to protect sensitive data and prevent future cyberattacks.