Report: Data breaches impacted 9M+ North Carolinians in 2025 :: WRAL.com

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.

Each year, since at least 2023, the number of data breaches
in North Carolina have been identified as “record breaking” by the state’s
justice department.

WRAL Investigates dug through the latest report from the NC
Department of Justice after learning of another data breach impacting students
and staff across the state.

According to Wake County Public School System, they were
notified of a
cybersecurity incident involving Canvas, a statewide learning management
system run by Instructure. District leaders said they believe student and staff
data may have been accessed.

The NCDOJ report shows a total of 2,349 data breaches,
impacting more than nine million North Carolinians. Most of the time, criminals
use hacking or phishing methods to get access to sensitive information.

The Federal Bureau of Investigation also publishes annual
reports more broadly focused on cyber-enabled crime. The FBI reports North
Carolinians lost $431,561,716 to internet crimes across 25,940 complaints.

According to the DOJ report, 155 security breaches affected the
education industry. That makes up seven percent of all breaches in 2025.

“Schools hold massive amounts of sensitive data, but often
they rely heavily on third party vendors. Attackers target educational
institutions, because one breach can impact thousands of students and staff all at
once. In many cases, the goal is really extortion, phishing or selling the data,”
said Kimberly Simon.

She’s the CEO of Growth Office Partners, a company that
helps businesses with cybersecurity and modernization.

In late 2024, a hacker accessed
data from student information system PowerSchool – putting millions of
North Carolinian’s information at risk.

Officials said the lack of multifactor authentication played
a role in that cyberattack.

WRAL Investigates reported
the company paid a ransom to the hacker. NCDPI chief information Vanessa Wrenn
told us then the department reviews the data security of each contractor each
year.

During Thursday’s State Board of Education meeting, Wrenn asked
school board members to approve $1.1 million in funding for cybersecurity
contracts.

“Around 70% of our cyberattacks come through a phishing
simulation. This certainly helps our schools and training our staff,” she said
during the meeting. “It is a very important tool for our schools.”

Alan Duncan noted the news reports about recent data
breaches during the meeting, as well.

“It’s important to note that this training is very helpful
to us, so that DPI information is not subject of having a gap that someone
could exploit,” he said. “Unfortunately, some vendors we’ve had have had some gaps
that have been exploited. That is something that we are then having to deal
with. I think we should, make clear: these are not gaps in our system to this
point.”

The FBI recommends the following mitigating practices for
companies:

• Create off-site or offline backups and regularly maintain
backup and restoration. Additionally, ensure all backup data is encrypted,
immutable (i.e., cannot be altered or deleted), and covers the entire
organization’s data infrastructure.

• Eliminate default passwords and credentials when
installing software and require all accounts with password logins (e.g.,
service accounts, admin accounts, and domain admin accounts) to comply with
NIST’s standards.

• Disable and remove unnecessary protocols by default. Audit
user accounts with administrative privileges and configure access controls
according to the principle of least privilege.

• Enable multi-factor authentication (MFA) for all services
to the extent possible, particularly for webmail, virtual private networks, and
accounts that access critical systems.

• Secure initial access points – To help in detecting the
ransomware, implement a tool that logs and reports all network traffic,
including lateral movement activity on a network. Endpoint detection and
response (EDR) tools are particularly useful for detecting lateral connections
as they have insight into common and uncommon network connections for each
host.

• Segment networks to prevent the spread of ransomware.
Network segmentation can help prevent the spread of ransomware by controlling
traffic flows between—and access to— various subnetworks and by restricting
adversary lateral movement.

• Keep all operating systems, software, and firmware up to
date. Timely patching is one of the most efficient and cost-effective steps an
organization can take to minimize its exposure to cybersecurity threats.
Prioritize patching known exploited vulnerabilities in internet-facing systems.