Botnets and Identity Theft in Education

By: Tonya Mead, CFE, PI, MBA,MA Educational Psychology

Talk to any one of the 21 million federal workers or contractors impacted by the hacking incident exposing personal records for potential criminal or national security activities and you’ll receive a collective sigh.

However, did you know that the records of more than 75.2 million students and 4.6 million educators at the elementary, secondary and post secondary levels are equally at risk? Registration and financial aid subsidies require the submission of confidential student and family information. The potential for severe harm is considerable.  According to the Identity Theft Resource Center, criminals may “purposely target children because of the often lengthy time between the fraudulent use of the child’s information and the discovery of the crime.”

The Dangers

The education sector is the “second most sector—behind only healthcare—for businesses with lost or stolen records globally.”   Additionally, according to BitSight Security, the education sector has the lowest security performance for the prevention of Botnets.  On a letter grade scale of A-F;  the education sector experienced the highest distribution of ‘F’ scores in comparison to its industry colleagues (finance, retail, health care, and utilizes) and exhibited to lowest distribution of ‘A’ scores.

Botnets are a network of computers that have been infected with malicious software without the owners’ knowledge.  Botnets are used for sending spam, phishing emails, ransomware and spyware.When a school or state education agency’s computer system becomes infected with botnets, private records and data are at risk for theft.

The FTC urges consumers to take immediate action if their child’s information is being misused. The reason?  “A child’s social security number can be used by identity thieves to apply for government benefits, open bank and credit card accounts, apply for a loan or utility service, or rent a place to live…”

Tonya J. Mead, CFE, PI, MBA, MA, Certified K-12 Administrator and School Psychologist is author of Fraud in Education: Beyond the Wrong Answer and president of Shared Knowledge, LLC

Related Articles

  1. Botnets and identity theft
  2. FITARA score low for US Department of Education
  3. Hack for enrollment
  4. 40 million vulnerable bank records
  5. 23,000 student records hacked


Identity Theft Resource Center, Fact Sheet, 120, 2015, p. 1.

Dresser, “Board Oks Pact to Protect UM Security Breach Victims,” The Baltimore Sun, 23 July, 2014. Available:

Ponemon, “What does a data breach cost companies?” Ponemon Institute, LLC, Traverse City, MI, 2005.

Bitsight Insights, “Beware the Botnets: Botnets Correlated to a Higher Likelihood of a Significant Breach,” April 2015.

Mead, “Fraud in Education: Beyond the Wrong Answer, Shared Knowledge, LLC, 2016.