GetSchooled, a charity funded and operated by the Bill and Melinda Gates Foundation that provides educational resources to younger students, was breached. The charity was informed by TurgenSec on November 18th that a database of student information was accessible to anyone on the Internet with no authentication required, and it took them over a month resolve the issue on December 21st. According to TurgenSec, over 930,000 people ranging from young children to adults had their information exposed. Some of the exposed information included full addresses, schools, student phone numbers and emails, graduation details, ages, genders and more. GetSchooled has denied that the total number of people that were affected is as high as TurgenSec claims, and puts the number at around 250,000 with only 75,000 connected to emails that are still active. The information exposed did not include dates of birth or any financial information.
GetSchooled made it relatively easy for anyone to access the information by leaving the database accessible to the Internet with no password required. It is important for organizations to maintain their site security by ensuring databases and cloud storage are properly configured, and regularly check it for vulnerabilities. Anyone whose information may have been impacted in this or any breach should keep an eye out for suspicious emails and do not interact with them if they are received.