{"id":210399,"date":"2026-05-07T14:22:00","date_gmt":"2026-05-07T18:22:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/07\/report-data-breaches-impacted-9m-north-carolinians-in-2025-wral-com\/"},"modified":"2026-05-07T14:25:09","modified_gmt":"2026-05-07T18:25:09","slug":"report-data-breaches-impacted-9m-north-carolinians-in-2025-wral-com","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/07\/report-data-breaches-impacted-9m-north-carolinians-in-2025-wral-com\/","title":{"rendered":"Report: Data breaches impacted 9M+ North Carolinians in 2025 :: WRAL.com"},"content":{"rendered":"<p><a href=\"https:\/\/www.wral.com\/news\/local\/data-breach-north-carolina-millions-may-2026\/\">Report: Data breaches impacted 9M+ North Carolinians in 2025 :: WRAL.com<\/a><\/p>\n<p><a href=\"https:\/\/www.wral.com\/news\/local\/data-breach-north-carolina-millions-may-2026\/\">https:\/\/www.wral.com\/news\/local\/data-breach-north-carolina-millions-may-2026\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-07 14:22:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.wral.com\">www.wral.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>\t\t\t\t\t\t\tEach year, since at least 2023, the number of data breaches<br \/>\nin North Carolina have been identified as \u201crecord breaking\u201d by the state\u2019s<br \/>\njustice department.<\/p>\n<p>\t\t\t\t\t\t\tWRAL Investigates dug through the\u00a0latest report from the NC<br \/>\nDepartment of Justice after learning of another data breach impacting students<br \/>\nand staff across the state.\u00a0<\/p>\n<p>\t\t\t\t\t\t\tAccording to Wake County Public School System, they were<br \/>\nnotified of a<br \/>\ncybersecurity incident involving Canvas, a statewide learning management<br \/>\nsystem run by Instructure. District leaders said they believe student and staff<br \/>\ndata may have been accessed.<\/p>\n<p>\t\t\t\t\t\t\tThe NCDOJ report shows a total of 2,349 data breaches,<br \/>\nimpacting more than nine million North Carolinians. Most of the time, criminals<br \/>\nuse hacking or phishing methods to get access to sensitive information.<\/p>\n<p>\t\t\t\t\t\t\tThe Federal Bureau of Investigation also publishes annual<br \/>\nreports more broadly focused on cyber-enabled crime. The FBI reports North<br \/>\nCarolinians lost $431,561,716 to internet crimes across 25,940 complaints.<\/p>\n<p>\t\t\t\t\t\t\tAccording to the DOJ report, 155 security breaches affected the<br \/>\neducation industry. That makes up seven percent of all breaches in 2025. <\/p>\n<p>\t\t\t\t\t\t\t\u201cSchools hold massive amounts of sensitive data, but often<br \/>\nthey rely heavily on third party vendors. Attackers target educational<br \/>\ninstitutions, because one breach can impact thousands of students and staff all at<br \/>\nonce. In many cases, the goal is really extortion, phishing or selling the data,\u201d<br \/>\nsaid Kimberly Simon.<\/p>\n<p>\t\t\t\t\t\t\tShe\u2019s the CEO of Growth Office Partners, a company that<br \/>\nhelps businesses with cybersecurity and modernization. <\/p>\n<p>\t\t\t\t\t\t\tIn late 2024, a hacker accessed<br \/>\ndata from student information system PowerSchool \u2013 putting millions of<br \/>\nNorth Carolinian\u2019s information at risk. <\/p>\n<p>\t\t\t\t\t\t\tOfficials said the lack of multifactor authentication played<br \/>\na role in that cyberattack. <\/p>\n<p>\t\t\t\t\t\t\tWRAL Investigates reported<br \/>\nthe company paid a ransom to the hacker. NCDPI chief information Vanessa Wrenn<br \/>\ntold us then the department reviews the data security of each contractor each<br \/>\nyear.<\/p>\n<p>\t\t\t\t\t\t\tDuring Thursday\u2019s State Board of Education meeting, Wrenn asked<br \/>\nschool board members to approve $1.1 million in funding for cybersecurity<br \/>\ncontracts.<\/p>\n<p>\t\t\t\t\t\t\t\u201cAround 70% of our cyberattacks come through a phishing<br \/>\nsimulation. This certainly helps our schools and training our staff,\u201d she said<br \/>\nduring the meeting. \u201cIt is a very important tool for our schools.\u201d <\/p>\n<p>\t\t\t\t\t\t\tAlan Duncan noted the news reports about recent data<br \/>\nbreaches during the meeting, as well. \u00a0<\/p>\n<p>\t\t\t\t\t\t\t\u201cIt\u2019s important to note that this training is very helpful<br \/>\nto us, so that DPI information is not subject of having a gap that someone<br \/>\ncould exploit,\u201d he said. \u201cUnfortunately, some vendors we\u2019ve had have had some gaps<br \/>\nthat have been exploited. That is something that we are then having to deal<br \/>\nwith. I think we should, make clear: these are not gaps in our system to this<br \/>\npoint.\u201d<\/p>\n<p>\t\t\t\t\t\t\tThe FBI recommends the following mitigating practices for<br \/>\ncompanies: <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Create off-site or offline backups and regularly maintain<br \/>\nbackup and restoration. Additionally, ensure all backup data is encrypted,<br \/>\nimmutable (i.e., cannot be altered or deleted), and covers the entire<br \/>\norganization\u2019s data infrastructure. <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Eliminate default passwords and credentials when<br \/>\ninstalling software and require all accounts with password logins (e.g.,<br \/>\nservice accounts, admin accounts, and domain admin accounts) to comply with<br \/>\nNIST\u2019s standards. <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Disable and remove unnecessary protocols by default. Audit<br \/>\nuser accounts with administrative privileges and configure access controls<br \/>\naccording to the principle of least privilege. <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Enable multi-factor authentication (MFA) for all services<br \/>\nto the extent possible, particularly for webmail, virtual private networks, and<br \/>\naccounts that access critical systems. <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Secure initial access points &#8211; To help in detecting the<br \/>\nransomware, implement a tool that logs and reports all network traffic,<br \/>\nincluding lateral movement activity on a network. Endpoint detection and<br \/>\nresponse (EDR) tools are particularly useful for detecting lateral connections<br \/>\nas they have insight into common and uncommon network connections for each<br \/>\nhost. <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Segment networks to prevent the spread of ransomware.<br \/>\nNetwork segmentation can help prevent the spread of ransomware by controlling<br \/>\ntraffic flows between\u2014and access to\u2014 various subnetworks and by restricting<br \/>\nadversary lateral movement. <\/p>\n<p>\t\t\t\t\t\t\t\u2022 Keep all operating systems, software, and firmware up to<br \/>\ndate. Timely patching is one of the most efficient and cost-effective steps an<br \/>\norganization can take to minimize its exposure to cybersecurity threats.<br \/>\nPrioritize patching known exploited vulnerabilities in internet-facing systems.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Report: Data breaches impacted 9M+ North Carolinians in 2025 :: WRAL.com https:\/\/www.wral.com\/news\/local\/data-breach-north-carolina-millions-may-2026\/ Publish Date: 2026-05-07&#8230;<\/p>\n","protected":false},"author":1,"featured_media":210400,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.wral.com\/17bceb76-8a35-54bb-89d1-612f4137a127?w=1200&h=630","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,28,31,35,25],"class_list":["post-210399","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-data-security","tag-exploit","tag-hacker","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/210399"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=210399"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/210399\/revisions"}],"predecessor-version":[{"id":210401,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/210399\/revisions\/210401"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/210400"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=210399"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=210399"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=210399"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}