North Carolina Faces Record-Breaking Data Breaches, Including Major Education Sector Attacks
North Carolina has seen a surge in data breaches, with the state’s Department of Justice (NCDOJ) reporting 2,349 incidents in 2025 impacting over nine million residents. The majority of these breaches stem from hacking and phishing attacks, with cybercriminals increasingly targeting sensitive data for extortion or resale.
A recent breach at Wake County Public Schools highlighted the vulnerability of educational institutions. The district confirmed a cybersecurity incident involving Canvas, a statewide learning management system operated by Instructure, potentially exposing student and staff data. This follows a 2024 attack on PowerSchool, a student information system, where hackers accessed millions of records an incident linked to the lack of multi-factor authentication (MFA). The company reportedly paid a ransom to the attackers.
Education remains a prime target, accounting for 155 breaches (7% of the state’s total) in 2025. Experts note that schools store vast amounts of sensitive data but often rely on third-party vendors, making them attractive to attackers. Kimberly Simon, CEO of Growth Office Partners, emphasized that a single breach can compromise thousands of individuals at once.
In response, the North Carolina Department of Public Instruction (NCDPI) is seeking $1.1 million in funding for cybersecurity contracts, including phishing simulation training a critical tool, as 70% of attacks originate from phishing. During a recent State Board of Education meeting, Vanessa Wrenn, NCDPI’s chief information officer, stressed the need to address vendor security gaps, while board member Alan Duncan acknowledged past breaches tied to third-party vulnerabilities.
The FBI’s 2024 Internet Crime Report further underscores the financial toll, with North Carolinians losing $431.6 million across 25,940 complaints. The agency recommends MFA implementation, network segmentation, regular backups, and timely patching to mitigate risks. Despite these measures, the state’s escalating breach numbers signal an ongoing challenge in securing critical infrastructure.
Source: https://www.wral.com/news/local/data-breach-north-carolina-millions-may-2026/
Instructure cybersecurity rating report: https://www.rankiteo.com/company/instructure-inc-
PowerSchool cybersecurity rating report: https://www.rankiteo.com/company/powerschool-group-llc
"id": "INSPOW1778179137",
"linkid": "instructure-inc-, powerschool-group-llc",
"type": "Ransomware",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'thousands of students and staff',
'industry': 'education',
'location': 'North Carolina, USA',
'name': 'Wake County Public Schools',
'type': 'educational institution'},
{'customers_affected': 'millions of records',
'industry': 'education technology',
'name': 'PowerSchool',
'type': 'student information system provider'},
{'customers_affected': 'student and staff data',
'industry': 'education technology',
'name': 'Instructure (Canvas)',
'type': 'learning management system provider'}],
'attack_vector': ['phishing', 'hacking'],
'data_breach': {'number_of_records_exposed': 'millions',
'personally_identifiable_information': 'yes',
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['student data',
'staff data',
'personally identifiable '
'information']},
'date_publicly_disclosed': '2025',
'description': 'North Carolina has seen a surge in data breaches, with the '
'state’s Department of Justice (NCDOJ) reporting 2,349 '
'incidents in 2025 impacting over nine million residents. The '
'majority of these breaches stem from hacking and phishing '
'attacks, with cybercriminals increasingly targeting sensitive '
'data for extortion or resale. A recent breach at Wake County '
'Public Schools involved Canvas, a statewide learning '
'management system operated by Instructure, potentially '
'exposing student and staff data. This follows a 2024 attack '
'on PowerSchool, where hackers accessed millions of records '
'due to the lack of multi-factor authentication (MFA). '
'Education remains a prime target, accounting for 155 breaches '
'(7% of the state’s total) in 2025.',
'impact': {'brand_reputation_impact': 'significant',
'data_compromised': 'student and staff data, millions of records',
'financial_loss': '$431.6 million (statewide losses in 2024)',
'identity_theft_risk': 'high',
'operational_impact': 'disruption to educational institutions',
'systems_affected': ['Canvas (Instructure)', 'PowerSchool']},
'lessons_learned': 'Educational institutions are prime targets due to '
'sensitive data and reliance on third-party vendors. Lack '
'of MFA and vendor security gaps are critical '
'vulnerabilities. Phishing is a major attack vector, '
'necessitating training and simulations.',
'motivation': ['extortion', 'data_resale'],
'post_incident_analysis': {'corrective_actions': ['phishing simulation '
'training',
'funding for cybersecurity '
'contracts',
'MFA implementation'],
'root_causes': ['lack of MFA',
'third-party vendor '
'vulnerabilities',
'phishing attacks']},
'ransomware': {'ransom_paid': 'yes (PowerSchool incident)'},
'recommendations': ['Implement multi-factor authentication (MFA)',
'Conduct phishing simulation training',
'Address vendor security gaps',
'Enhance network segmentation',
'Maintain regular backups',
'Ensure timely patching',
'Allocate funding for cybersecurity contracts'],
'references': [{'source': 'North Carolina Department of Justice (NCDOJ)'},
{'source': 'FBI’s 2024 Internet Crime Report'},
{'source': 'State Board of Education meeting'}],
'response': {'network_segmentation': 'recommended',
'remediation_measures': ['MFA implementation',
'network segmentation',
'regular backups',
'timely patching']},
'title': 'North Carolina Data Breaches Surge, Including Major Education '
'Sector Attacks',
'type': ['data_breach', 'ransomware'],
'vulnerability_exploited': 'lack of multi-factor authentication (MFA)'}