If there was ever a reminder that cyber security is of utmost importance to school-portrait companies, this recent news report brings that home.
Data terrorists are stealing children's confidential files from schools with relative ease and dumping their info on the dark web unless the school districts pay a ransom, according to experts.
Most of the time, the victims will not even know it happened, said Ross Brewer, CRO of SimSpace, with 30 years of experience in cybersecurity.
"This is highly personal information we're talking about," Brewer told Fox News Digital. "Schools are an attractive target for criminals because they know schools store large amounts of personally identifiable information on their students and often their parents."
"This could be a student's psychological issues, even suicide attempts, health information, truancies, parent interactions that are scooped up in these hacks."
This disturbing crime trend first gained traction during the pandemic, then temporarily dipped in 2020 and 2021 before it became a lucrative and widespread crime over the last year and a half.
"In 2022, 65 individual ransomware attacks affected 1,436 schools and colleges, potentially impacting 1,074,926 students," according to a July 2023 study by Comparitech, which has uncovered large-scale cybersecurity breaches around the world.
There have already been 37 confirmed attacks on schools this year, compared to 26 at this point last year, Comparitech reported.
Between June 2022 and May 2023, there were 190 known ransomware attacks against educational institutions, which included an 84% spike over the last six months, according to a study by Malwarebytes, which included colleges and universities.
"The education sector is particularly vulnerable to cybercriminals, because schools are more worried about teaching their students than about cybersecurity," Brewer said. "Schools are often not well-resourced, with low IT budgets meaning they cannot afford the latest cyber defenses."
In March, a cybergang hacked the Minneapolis School District and demanded a $1 million ransom.
The district did not engage with the ransom demands, and more than 300,00 intimate student files were uploaded to the dark web, including complete sexual assault case folios, medical records, discrimination complaints, Social Security numbers, and contact information of district employees.