K-12 Cybersecurity Insider | 3/23/2026 edition

Written By Doug Levin

A biweekly newsletter providing curated cybersecurity news to the K-12 community, as a public service of K12 SIX. Sign up for the K12 SIX mailing list to have future editions delivered to your inbox.

Mark Your Calendar

In the News

Hacktivists Claim Breach of P3 School Security/Anonymous Tip App

In a story first reported by Mikael Thalen of Straight Arrow News (SAN), hacktivist(s) apparently stole data from P3 Global Intel, a cloud-based tip and intelligence management platform. Readers unfamiliar with P3 Global Intel may be more familiar with P3 Campus (the school-branded version of the platform) or with the parent company, Navigate360 (which offers a complete suite of integrated school safety solutions). Over 8 million records are claimed to have been exfiltrated, including tip submissions and narratives, two-way chat communications, personal identifiers (names, phone numbers, emails, addresses), and other highly sensitive data (such as Social Security numbers). Thalen writes: “Many school-related messages viewed by SAN involved highly sensitive matters, such as self-harm, suicide and threats of violence.” This one has the potential to be very bad, folks - and offers a cautionary tale about the cybersecurity practices of physical security software and device companies.

Test-Prep Provider Kaplan Breached

Three months after unauthorized access was first determined to have occurred, Kaplan is now notifying affected parties of a breach of data that may include some combination of names, social security numbers, driver’s license numbers, and more. While they also serve higher education and business customers, they are well known in K-12 for providing SAT/ACT/AP test preparation services to schools and individual students. The threat actor maintained access to Kaplan’s servers over a 3 week period between Oct 30 and Nov 18, 2025. In their (Maine) notification letter, Kaplan writes: “To help prevent a similar incident from happening again, Kaplan will continue to invest in the security of its computer systems and has implemented additional measures to further enhance the security of the Kaplan IT network.” A fine statement for what it is, but is it enough?

Conservative Parents and Teachers Unions Become Unlikely Allies Fighting Tech in Schools

The critiques of the use and adoption of technology in U.S. K-12 are myriad: consumerism/advertising, inappropriate content, online bullying and harassment, invasive monitoring, anti-intellectual distraction machines, cheating, scams, data breaches, student health/screen time - and that’s just the tip of the iceberg. Some will argue these critiques are about consumer technology or technology used by children and youth outside of school and not tools and devices designed specifically for and used in K-12 settings. Yet, that has long seemed a distinction without a difference, especially because the firewall between consumer/enterprise and education technology in schools is so weak and porous. While there has long been a counter-movement to technology in K-12, it has more recently gained momentum - and brought some unlikely parties together over shared concerns. Where this all goes is unclear (and whether any remedies may be worse than the harm), but it may presage the end of the ‘anything goes’ era of technology use in schools - and that may not be such a bad outcome.

Members Get More

The K12 Security Information eXchange (K12 SIX) operates as the independent, non-profit information sharing and analysis center (ISAC) exclusively for the K-12 education sector. Founded in 2020, organizations eligible for membership include school districts, charter schools and charter management organizations, private/independent schools, regional education agencies, and state education agencies. K12 SIX members get more.

Doug Levin
Next

K-12 Cybersecurity Insider | 2/9/2026 edition