Florida Virtual School program: Nearly 370,000 teacher and student information data leaked

Do Son March 14, 2018 2 minutes read

The Florida Virtual School (FLVS), founded in 1997, is the nation’s first and largest public virtual school. The school became a fully independent educational entity after it was approved by state legislation in 2000. It has the qualifications of recruiting full-time online students and provides online distance education for primary and secondary school students.

According to a number of foreign media reports, FLVS seems to be the latest victim of data breaches, and the sensitive personal information of nearly 370,000 teachers and students may have been leaked.

In a statement, FLVS stated that the leak may have occurred between May 6, 2016, and February 12, 2018, but it was not disclosed until the school last Friday. According to the statement, more than 368,000 students who are graduating or have graduated, as well as more than 2,000 teachers, may be affected.

The FLVS said that their IT staff found on February 12 that criminals posted on hacking sites claiming they had obtained internal data from the FLVS school for the past two years.

The FLVS immediately conducted an internal investigation on the matter, and the survey results showed that a server in the FLVS had an issue of misconfiguration in the eyes, which caused the server to be “fully open” to hackers.

The survey also found that data that can be accessed by hackers may include the student’s name, date of birth, school account username and password, and their parent’s name and email address. For school teachers, leaked information may also include social security numbers (SSN), home addresses, phone numbers, and certain demographic information.

At present, FLVS has informed the Florida State Department of Enforcement (FDLE) and the Federal Bureau of Investigation (FBI). At the same time, FLVS continues to conduct internal investigations and assist law enforcement agencies in capturing the criminals behind the incident.

In addition, FLVS will also provide a one-year annual free credit monitoring service provided by the credit report agency Experian for each teacher and student affected by the leak.

Source: wfla

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Written by

@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Florida Virtual School