THE data breach involving the Global Schools Group (GSG) impacted multiple school brands, revealing a total of 183,164 affected user accounts, including 83,132 student accounts, 88,856 parent accounts, and 11,176 staff accounts. Significant amounts of sensitive data were exfiltrated, including student enrollment records, attendance data, and internal messages. The breach was attributed to poor security practices, with critical vulnerabilities such as plaintext password storage for over 12,000 accounts.
Parents and employees expressed concerns about the security of their personal information and the potential for sensitive communications to be exposed. Several school brands were identified, with varying locations across countries like India, Cambodia, the Philippines, the UK, and more.