THE Education Technology (EdTech) sector is increasingly targeted by cybercriminals due to sensitive data like student and employee information being stored on these platforms. Notable attack groups include ShinyHunters and FulcrumSec, each employing different methods of exploitation.
ShinyHunters is known for large-scale data breaches using API exploitation and database misconfigurations, while FulcrumSec specializes in ransomware attacks with double extortion tactics, employing custom encryption and leak sites to pressure victims. Both groups have credible histories of incidents, posing significant threats to educational organizations.