K-12 Cybersecurity Insider | 10/20/2025 edition
A biweekly newsletter providing curated cybersecurity news to the K-12 community, as a public service of K12 SIX. Sign up for the K12 SIX mailing list to have future editions delivered to your inbox.
Mark Your Calendar
10/21 - Pressure Building: Why All Districts Need a Solid Foundational Cybersecurity Program (sponsored by Identity Automation, a Jamf company)
10/22 - K12 SIX Monthly Membership Meeting (members-only)
10/28 - Passwords Must Go: The Future of Authentication in K-12 (sponsored by Clever)
10/31 - Deadline for submission of speaking proposals - and Early Bird Registration - for the 2026 National K-12 Cybersecurity Leadership Conference
In the News
Lessons Learned from the PowerSchool Incident
After pleading guilty to hacking and extorting ed tech giant PowerSchool, 19-year-old Matthew Lane was recently sentenced to four years in prison and ordered to pay nearly $14.1 million in restitution. Although Lane has been held accountable for the PowerSchool cyberattack and sentenced to prison, “the damage is done” from the leak of the school districts’ sensitive data, Doug Levin, K12 SIX Director, said. “There’s no putting the genie back in the bottle.” K-12 cybersecurity remains “an ongoing problem,” and cyberattacks against schools won’t stop just because someone was held accountable for the PowerSchool incident, Levin said.
Yet Another $1M+ Victim of a BEC Attack Targeting a School Construction Project
This one victimized a New York school system. The frustration: this is a well-established tactic with a long history of claiming U.S. school district victims. Case in point: here is K12 SIX Director Doug Levin expressing these same thoughts in a story about another victim in - wait for it - January of 2020. We know how to prevent these attacks, but it requires the cooperation of school system finance/accounts payable offices, strong policies for verifying ACH account routing change requests, and no-exceptions adherence to those policies.
Audit: TN Department of Education Lacks Critical Controls Over Statewide Information Systems
In an audit conducted by the Tennessee Comptroller of the Treasury/Division of State Audit and published earlier this month, the Department of Education was found to lack sufficient controls for managing information systems responsible for the oversight of “billions of dollars in state and federal funds.” These information systems are integral to managing student data, allocating education funding, licensing educators, administering assessments, and supporting statewide planning and reporting. While the specific nature of the audit finding was redacted due to the sensitivity of the concern, the Department concurred with the finding: “We concur. The Department recognizes and understands the criticality of ensuring adherence to the general controls over the information systems…. The Department is taking all steps to ensure the ongoing security of data and all associated systems.”
The National K-12 Cybersecurity Leadership Conference is a unique event designed to identify and share solutions and best practices to better defend the K-12 education sector from emerging cybersecurity threats, such as ransomware and data breaches. Participants from past conferences report overwhelmingly positive feedback about the conference: “I just wanted to reach out to say thank you again for an amazing conference. My team and I all agreed that was by far one of our best conferences any of us have ever attended.” The 4th Annual conference will be held February 24-26, 2026 in Albuquerque, NM.
Members Get More
The K12 Security Information eXchange (K12 SIX) operates as the independent, non-profit information sharing and analysis center (ISAC) exclusively for the K-12 education sector. K12 SIX was founded in 2020. Organizations eligible for membership include school districts, charter schools and charter management organizations, private/independent schools, regional education agencies, and state education agencies. K12 SIX members get more.