Cybersecurity Researcher Finds School Shooting Emergency Plans Exposed Online
The records were accessible to the public online and included highly sensitive school emergency planning and security documents.
Photo: jijomathai, Adobe Stock
More than 4 million records that included emergency planning and security documents from U.S. schools were recently discovered by an ethical cybersecurity researcher.
The 800 gigabytes of files and logs, which were linked to school software provider Raptor Technologies, included highly sensitive documents, including school evacuation plans, locations of doors that have broken locks and security cameras that don’t work, maps that showed overall building vulnerabilities, threat reports, safety drills, medical records, court documents relating to restraining orders, school shooting response plans, and more, reports Wired. The records were in a non-password-protected database and were dated from 2022 and 2023.
Fortunately, the records were found by Jeremiah Fowler, an ethical cybersecurity expert who promptly informed Raptor Technologies about the leak, reports CBS News. The company then immediately secured the data.
Fowler said all of the documents were uploaded by schools to Raptor’s systems, reports Wired. If such sensitive data fell into the wrong hands, it could be used by cybercriminals. School districts often are a target of ransomware gangs, and last year, 108 districts were victims of ransomware, reports Emsisoft.
However, according to Raptor’s Chief Marketing Officer David Rodgers, there is no evidence that any of the materials that were inadvertently made public have been misused.
“We care deeply about the safety and wellbeing of children and all those community members our customers serve, which is exactly why we took prompt action when made aware by a cybersecurity researcher of an issue involving certain cloud-hosted data repositories,” Rodgers said in a statement obtained by CBS News. “We secured the data repositories in question and communicated with our customers. We are committed to safeguarding our customers’ information and their trust in line with our mission to protect every child, every school, every day.”
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Robin Hattersley, Editor-in-Chief
Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.
Related Content
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
