Live disclosure tracker · updated continuously

Education Sector Data Breaches

Universities, K-12 districts, and ed-tech vendors hold massive student-record databases that attract identity-theft operations and ransomware groups. Below is every education-sector breach LeakTrace has indexed.

98B+

Records Exposed

405

Incidents

94+

Countries

+104%

Breach Velocity YoY

View Live Map → Run Free Exposure Scan RSS

Browse by sector

All breaches Healthcare Finance Government Technology Retail Education Legal

Browse by year

Education Sector Data Breaches (405 indexed)

critical · education · Apr 29, 2026

AR: Pine Bluff School District

THV11 News reports: Pine Bluff School District Superintendent Dr. Jennifer Barbaree broke her silence Monday evening after a cyberattack that cost the district millions. According to district officials, the incident happ

View incident → Original disclosure Indexed 3 days, 1 hour ago

medium · education · Apr 28, 2026

The “BlueLeaks 2.0” Breach: Will

A DataBreaches.net Editorial The “BlueLeaks 2.0” data breach may be the worst privacy and data security breach affecting students that DataBreaches has seen in 20 years of reporting on breaches affecting the

View incident → Original disclosure Indexed 4 days, 1 hour ago

medium · education · Apr 23, 2026

South Korea’s regulator fines matchmaking

Hyun Su-a reports: Duo Info, South Korea’s top matchmaking company, leaked the personal information of 430,000 members, authorities said. The leaked items went far beyond names and email addresses to include religi

View incident → Original disclosure Indexed 1 week, 2 days ago

high · education · Apr 17, 2026

Teen arrested in Northern Ireland

Alexander Martin reports: A 16-year-old boy has been arrested in Northern Ireland after a cyberattack disrupted access to educational systems used by potentially hundreds of thousands of students. The boy, who has not be

View incident → Original disclosure Indexed 2 weeks, 1 day ago

critical · education · Apr 16, 2026

McGraw Hill

13,500,136 records exposed — Email addresses, Names, Phone numbers, Physical addresses

View incident → Original disclosure Indexed 2 weeks, 2 days ago

high · education · Apr 15, 2026

Teen arrested in Northern Ireland

A 16-year-old boy has been arrested in Northern Ireland after a cyberattack disrupted access to educational systems used by potentially hundreds of thousands of students.

View incident → Original disclosure Indexed 2 weeks, 3 days ago

medium · education · Apr 14, 2026

McGraw-Hill

Education company McGraw-Hill has confirmed in a statement to BleepingComputer that hackers exploited a Salesforce misconfiguration and accessed its internal data. [...]

View incident → Original disclosure Indexed 2 weeks, 4 days ago

high · education · Mar 27, 2026

Kaplan North America

192K+ student records with SSNs, birth dates, driver licenses

View incident → Indexed 1 month ago

critical · education · Mar 12, 2026

California State University System

2.3M student records from 23 campuses exposed via compromised PeopleSoft instance

View incident → Original disclosure Indexed 1 month, 2 weeks ago

high · education · Feb 19, 2026

University of Sydney (Australia)

340K student records including visa and financial information exposed in targeted attack

View incident → Original disclosure Indexed 2 months, 1 week ago

high · education · Feb 16, 2026

University of Pennsylvania

623,750 records exposed — Charitable donations, Dates of birth, Email addresses, Genders and 7 more

View incident → Original disclosure Indexed 2 months, 2 weeks ago

medium · education · Feb 10, 2026

KU Leuven (Belgium)

190K student records exposed

View incident → Original disclosure Indexed 2 months, 3 weeks ago

high · education · Feb 7, 2026

University of Toronto

380K student and staff records compromised in targeted phishing campaign

View incident → Original disclosure Indexed 2 months, 3 weeks ago

medium · education · Feb 5, 2026

National Taiwan University

210K student records exposed

View incident → Original disclosure Indexed 2 months, 3 weeks ago

high · education · Jan 24, 2026

McGill University (Canada)

290K student and research records exposed via compromised research data portal

View incident → Original disclosure Indexed 3 months, 1 week ago

high · education · Jan 22, 2026

Brown University (Ivy League)

42K student records exposed via zero-day in student information system — grades and SSNs

View incident → Original disclosure Indexed 3 months, 1 week ago

high · education · Jan 15, 2026

Harvard University

520K alumni and donor records exposed via compromised advancement office database

View incident → Original disclosure Indexed 3 months, 2 weeks ago

high · education · Jan 6, 2026

WhiteDate

20,363 records exposed — Ages, Astrological signs, Bios, Device information and 18 more

View incident → Original disclosure Indexed 3 months, 3 weeks ago

high · education · Jan 5, 2026

Chicago Public Schools (2026)

670K student records stolen in ransomware attack

View incident → Original disclosure Indexed 3 months, 3 weeks ago

medium · education · Jan 5, 2026

Rice University

180K student records stolen

View incident → Original disclosure Indexed 3 months, 3 weeks ago

critical · education · Jan 1, 2026

PowerSchool

62M student and teacher records exposed

View incident → Indexed 4 months ago

high · education · Dec 8, 2025

Vanderbilt University

190K student and medical center records exposed via ransomware on administrative systems

View incident → Original disclosure Indexed 4 months, 3 weeks ago

medium · education · Dec 1, 2025

University of Warsaw

180K student records compromised

View incident → Original disclosure Indexed 5 months ago

high · education · Nov 18, 2025

Kaplan Education

230K+ people affected — SSNs and driver's license numbers stolen from test prep provider

View incident → Original disclosure Indexed 5 months, 2 weeks ago