cyber Breach

KIPP SoCal Public Schools

May 11, 2023 1 min read
KIPP SoCal Public Schools

On June 2, 2020, KIPP SoCal experienced a data security incident.

The breach gave unauthorized access to a data file containing certain students’ information.

The GitHub page containing the data file had an incorrect privacy setting, allowing our
data file to be searchable within the confines of GitHub from October 3, 2019 through June 2, 2020.

The page had been accessed seven times by individuals or robots during the time it was exposed.

The page contained the data file included student names, addresses, birth dates, race/ethnicity, primary language, and primary disability.

Source: https://oag.ca.gov/system/files/KIPP%20SoCal%20Public%20Schools%20GitHub%20Data%20Breach%20Notification%20Letter%20to%20Families%206.11.20.pdf

TPRM report: https://scoringcyber.rankiteo.com/company/kippsocal

"id": "kip2036123",
"linkid": "kippsocal",
"type": "Breach",
"date": "06/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Education',
                        'name': 'KIPP SoCal',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Incorrect Privacy Setting',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Student names',
                                              'Addresses',
                                              'Birth dates',
                                              'Race/ethnicity',
                                              'Primary language',
                                              'Primary disability']},
 'date_detected': '2020-06-02',
 'description': 'On June 2, 2020, KIPP SoCal experienced a data security '
                'incident. The breach gave unauthorized access to a data file '
                'containing certain students’ information. The GitHub page '
                'containing the data file had an incorrect privacy setting, '
                'allowing our data file to be searchable within the confines '
                'of GitHub from October 3, 2019 through June 2, 2020. The page '
                'had been accessed seven times by individuals or robots during '
                'the time it was exposed. The page contained the data file '
                'included student names, addresses, birth dates, '
                'race/ethnicity, primary language, and primary disability.',
 'impact': {'data_compromised': ['Student names',
                                 'Addresses',
                                 'Birth dates',
                                 'Race/ethnicity',
                                 'Primary language',
                                 'Primary disability']},
 'initial_access_broker': {'entry_point': 'GitHub'},
 'post_incident_analysis': {'root_causes': 'Incorrect Privacy Setting on '
                                           'GitHub'},
 'title': 'KIPP SoCal Data Security Incident',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Incorrect Privacy Setting on GitHub'}
Published by
Jeremy C
Jeremy C
You might also like
Ransomware cyber

IdeaLab

public 1 min read
IdeaLab, a California-based technology startup incubator, experienced a data breach in October 2024 where hackers accessed sensitive information. The Hunters…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.