The K-12 Cyber Incident Map

In Cybersecurity, Education by Ken Nero

Every year, Ed Tech Strategies, a Virginia-based research and counsel consultancy, published a K–12 Cyber Incident Map– an interactive visualization of cybersecurity-related incidents affecting K–12 public schools and districts in the United States.

Since January 1, 2016, U.S. K-12 public schools and districts were reported to have experienced at least 1,331 cyber security-related incidents resulting in the disclosure of personal information, the loss of taxpayer dollars, and the loss of instructional time. Some of these incidents have resulted in identity theft, as well as criminal charges for the perpetrators.

Why Was it Created?

The K-12 Cyber Incident Map was created to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts. As public education increasingly relies on technology for teaching, learning, assessment and school operations, it is imperative that effective policy and practice is in place to protect children and youth, school employees, and taxpayer-funded equipment and services. It also is intended to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.

What does the map cover?

The map identifies incidents using color-coded pins. The cyber incidents include:

  • BLUE – Phishing attacks resulting in the disclosure of personal data
  • PURPLE – Other unauthorized disclosures, breaches or hacks resulting in the disclosure of personal data
  • YELLOW – Ransomware attacks
  • GREEN – Denial of service attacks
  • RED – Other cyber incidents resulting in school disruptions and unauthorized disclosures

Where Does the Data Come From?

This map and underlying dataset is painstakingly assembled from a variety of sources, including extensive online searches and consultation with experts. Publicly available compilations include:

Nonetheless, the dataset underlying this map is undeniably incomplete and may contain errors. Neither school districts nor their vendors are compelled to make public disclosures of every potentially significant incident (if required at all by state data breach notification laws), and media reports can be short and ambiguous.

How can I report an incident?

You may view the map by visiting the