DBIR Report 2022 - Data Breaches In Education

Thank you.

You will soon receive an email with a link to confirm your access, or follow the link below.

You may now close this message and continue to your article.

Frequency		1,241 incidents, 282 with confirmed data disclosure
Top patterns		System Intrusion, Basic Web Application Attacks, and Miscellaneous Errors represent 80% of breaches
Threat actors		External (75%), Internal (25%) (breaches)
Actor motives		Financial (95%), Espionage (5%) (breaches)
Data compromised		Personal (63%), Credentials (41%), Other (23%), Internal (10%) (breaches)
Top IG1 protective controls		Security Awareness and Skills Training (CSC 14), Access Control Management (CSC 6), Secure Configuration of Enterprise Assets and Software (CSC 4)
What is the same?		This industry continues to be impacted by attacks targeting their external infrastructure and are largely targeted by External actors with Financial motives. However, Educational Services also faces accidents as one of the top causes of breaches." We say 'this industry' too much in the summary.
Summary		Educational Services follows an eerily similar trend to the majority of the other industries; it is experiencing a dramatic increase in Ransomware attacks (over 30% of breaches). In addition, this industry needs to protect itself against stolen credentials and phishing attacks potentially exposing the personal information of its employees and students.

Patterns

5-Year difference

3-Year difference

Basic Web Application Attacks

No change

Greater

System Intrusion

Greater

Greater

Miscellaneous Errors

No change

Less

Pattern

Difference with peers

System Intrusion

Greater

Basic Web Application Attacks

Less

Miscellaneous Errors

Greater

Alright, class is back in session, put away your NSYNC Trapper Keeper and get out a number two pencil, cause you’re about to get schooled on the breaches and incidents impacting the Educational Services industries. System Intrusion, Social Engineering and DoS are the leading causes of incidents and System Intrusion, BWAA and Errors lead the way with regard to breaches. Falling along the peak of the grading curve, this industry also has Use of stolen creds and Ransomware as the top two Actions varieties, which is a very dangerous combination. The rumor is stolen creds and ransomware quit school due to recess, because they don’t play around.

While an erroneous number in a calculation might result in a few points off of your homework, the erroneous end user might result in a data breach. Thirty four percent of the errors found in this industry were from an email sent to the wrong people, or with the wrong attachment.

While errors may have decreased over the past three years, they’re still a relatively normal occurrence that should be taken seriously, especially considering the various troves of data schools handle, we would hate to have our poor little Bobby Tables’ data leaked.²⁵

2017 Year Book

There’s nothing quite like the feeling of nostalgia that hits you when you’re looking over your old yearbook. Signatures and notes from friends long ago, ahh, the good old days. We get that same feeling when looking back at the 2017 DBIR and see Cyber-Espionage as the top breach pattern for this industry. No worries though, Espionage has not graduated and moved away yet. It shows up in 34% of incidents this year. Figure 85 captures the shifts in data and the somewhat dramatic rise of Espionage that is still all too present today. Unfortunately, unlike your opinionated high school friends on social media, you can’t just block espionage from cluttering up your feed.

Patterns	5-Year difference	3-Year difference
Basic Web Application Attacks	No change	Greater
System Intrusion	Greater	Greater
Miscellaneous Errors	No change	Less

Pattern		Difference with peers
System Intrusion		Greater
Basic Web Application Attacks		Less
Miscellaneous Errors		Greater