SchoolDude Breach Compromised 3 Million User Accounts
Brightly Software, a US tech company, has disclosed a breach within the database of its SchoolDude platform. The breach occurred in April, and resulted in hackers compromising nearly three million user accounts. SchoolDude is a cloud-based work order management system used by over 7,000 colleges, universities, and grade schools in school districts with up to 600,000 students.
The stolen data is believed to include names, email addresses, account passwords, phone numbers, and school district names. The affected users include school employees such as principals, executives, maintenance workers, and other staff members who submit repair requests, along with the students themselves.
Those affected received a notification from Brightly Software regarding the incident, where the company stated that an unauthorized actor had gained access to the SchoolDude user database, compromising certain account information. Bleeping Computer reported that the incident affected a total of 2,964,292 customers and users of SchoolDude. Moreover, a system administrator on Reddit, who received the breach notification, reported that the stolen data was not encrypted.
In response to the breach, Brightly Software took swift action to reset the passwords of all SchoolDude users. Brightly emphasized the importance of using strong passwords for each online account. Additionally, those using their SchoolDude password for other accounts are advised to promptly change their passwords on those platforms.
Brightly Software promptly reported the incident to relevant law enforcement authorities and enlisted the services of third-party security experts to investigate the attack. According to a notification filed with the Office of Maine's Attorney General, the breach occurred between April 20 and April 28.
Brightly, a subsidiary of Siemens, has many other SaaS solutions used by more than 12,000 organizations worldwide, primarily in the US, Canada, Australia, and the United Kingdom.
Affected customers are advised to remain vigilant and closely monitor their accounts for any signs of suspicious activity. In light of this security incident, and other similar recent incidents, it is crucial for readers to protect their online data by using strong and unique passwords. Using a password generator and manager, along with regularly updating passwords, is the best way to protect your online credentials.
Please, comment on how to improve this article. Your feedback matters!