View Only

Raptor Technology - Data Leak

  • 1.  Raptor Technology - Data Leak

    Posted 01-12-2024 09:37 AM
    Edited by William Stites 01-12-2024 02:02 PM

    I received an email brief from K12 Six reporting on a data leak that was reported by Wired (1/11/24) - US School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak.

    The leak appears to be impacting schools using the Raptor Link and/or Visitor Management systems.

    Some of the key points that they discussed on their member webinar were:

    • "Thousands" of emergency planning documents from US schools-including their safety procedures
      for active shooter emergencies-were leaked in an 800 GB trove of more than 4 million records from
      2022-23 that were inadvertently made public, including:
    • evacuation plans, with maps showing the routes students should take and where they should gather during
    • details of students who pose a threat on campus;
    • medical records;
    • court documents relating to restraining orders and family abuse; and
    • the names and ID numbers of staff, students, and their parents or guardians

    The sources of the leak appear to be from 3 unsecured cloud storage buckets - Azure. The leaks appear to have been active since November. The data would have had to be uploaded by the schools.

    I know that many school use this system for various reasons within their schools and want to make sure that everyone is aware of the issue and has an opportunity to inverstigate.


    {editied - 1/12/2024 @ 2:00pm}

    From K12 Six

    UPDATE #2 (1/12 @ 12:25pm): The media is picking up on this incident and drawing further attention to it. 

    William Stites
    Montclair Kimberley Academy
    Montclair NJ