As more institutions switch to online and hybrid learning environments, the risk of data breaches and cyberattacks is even greater

How devaluing students’ data can keep it safe from cyberattacks


As more institutions switch to online and hybrid learning environments, the risk of data breaches and cyberattacks is even greater

Cyberattacks on colleges and universities are on the rise following many institutions’ transition to online and hybrid classes.

Higher education institutions’ databases are gold mines for cybercriminals because they store massive amounts of personally identifiable information (PII) like social security numbers and payment information. If an attack is successful, cybercriminals can expose this data, risking identity theft, fraud and exorbitant costs for schools. In 2019, the average cost for data breaches in the U.S. education industry rose to $142 per record loss–$45 above the worldwide average.

As education becomes more digitized, the pressure to keep student data safe and mitigate the impact of costly data breaches is at an all-time high. Devaluing students’ data could be the solution for this issue that many institutions face as they transition to e-learning environments.

Attackers targeting colleges and universities: Why and how?

The primary motive for data breaches is financial gain. Cybercriminals use social engineering tactics, like phishing, to obtain PII and sell it on the black market, often for hundreds of dollars. Attackers also use ransomware, which is a form of malware that encrypts a victim’s files, essentially holding the victim’s data hostage until they pay the attacker.

Human error accounts for 35 percent of data breaches in the education sector. Institutions spend little time training educators in cybersafety, and most still don’t have adequate cybersecurity training. It doesn’t help that only 5 percent of college and university budgets are allocated to IT services. The lack of cybersecurity training within institutions, along with the thousands of users on the network who are using personal devices creates easier access to data for attackers. They often can take advantage of unsuspecting students and faculty by tricking them into clicking on phishing links in emails and other malicious tactics.

eSchool Media Contributors