Press Release

New Report Finds One in Two U.S. School Districts Experienced a Cybersecurity Incident in 2025

Photo of Cision PR Newswire Cision PR Newswire Send an email 31 minutes ago
0 3 minutes read

U.S. districts experience a sharp rise in breaches and widening gaps in student identity protection as AI risks accelerate faster than they can respond

SAN FRANCISCO, March 11, 2026 /PRNewswire/ — Clever, the identity platform used by more than 77% of U.S. K-12 schools to simplify and secure digital learning, today released its Cybersecure 2026 Report, an annual survey examining how district leaders are experiencing, responding to, and preparing for evolving cyber threats.

Based on responses from nearly 500 U.S. K-12 administrators and technology professionals, the report finds that cybersecurity incidents have become a persistent operating condition for school systems. In 2025, 52% of U.S. districts experienced a cybersecurity incident, up significantly from years prior ( 36% in 2024 and 31% in 2023). For the millions of students heading to class each morning, these statistics translate into disrupted lessons, locked learning apps, and compromised personal data.

The report also highlights a growing reality of shared risk across the K-12 ecosystem. Vendor-related incidents rose sharply from 4% in 2023 to 32% in 2025, reflecting the increasing concentration of data and workflows in widely used platforms โ€“ and the cascading impact when a single incident affects many districts at once. A single vendor breach can cascade across hundreds of districts simultaneously, turning what looks like one company’s problem into a school-day disruption for millions of families.

“There’s a growing acceptance in K-12 that cybersecurity incidents are, unfortunately, part of the landscape now,” said Eric Hileman, Executive Director, IT Services, of Oklahoma City Public Schools. “What’s different in education is that when something happens, districts tend to help each other instead of going silent. That collaboration is baked into the culture.”

Other key findings from the Cybersecure 2026 Report include:

  • Student identity theft or long-term harm is now the number one concern for 54% of U.S. districts โ€“ yet only 21% of them feel most confident addressing student identity threats, and students remain the group with the lowest Multi-Factor Authentication (MFA) adoption (13% across grade levels). A kindergartner whose data is compromised today may not discover the impact until they apply for their first job or student loan.
  • More than half of districts (58%) have adopted new technologies to meet insurance requirements. However, nearly 40% of administrators are unsure if these “check-the-box” changes actually make their students safer, reflecting the reality that cybersecurity insurance decisions and day-to-day security operations are often owned by different parts of the organization.
  • Four out of five U.S. districts believe AI is increasing their cybersecurity risk, yet only 11% have formal processes to vet AI use in edtech tools. Meanwhile, students are already using these tools daily, often without realizing what personal data they’re handing over in the process. Without these safeguards, students and educators are often left to experiment with powerful tools that may not protect their data privacy.
  • Resource constraints, not awareness, are now the primary barrier to progress. Leadership support ranks as one of the least challenging issues for U.S. districts, but staffing and budget shortages continue to limit the ability to adopt, manage, and sustain modern security practices.

“Schools are no longer planning for theoretical cybersecurity incidents, they are planning for attacks that they know will happen,” said Trish Sparks, CEO of Clever. “Schools need security solutions built for how they actually operate – with complex systems and limited resources, keeping student data privacy as a top priority.”

To learn more about how districts are navigating identity security, cyber insurance mandates, and AI-era threats, read the full Cybersecure 2026 Report here.

About Clever

Clever is on a mission to connect every student to a world of learning. More than 77% of U.S. K-12 schools use Clever to power secure digital learning experiences. With Clever’s layered security solutions, districts can protect access and identities for staff, teachers, and students. Clever is a Kahoot! company with an office in San Francisco, CA. Learn more at clever.com.

Media Contact
Kayla Kelly
[email protected]

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/new-report-finds-one-in-two-us-school-districts-experienced-a-cybersecurity-incident-in-2025-302709821.html

SOURCE Clever

Author

Photo of Cision PR Newswire Cision PR Newswire Send an email 31 minutes ago
0 3 minutes read

Leave a Reply

Related Articles

KX Launches Agentic AI Blueprints Powered by NVIDIA at GTC 2026, Featuring a Capital Markets Research Assistant and Trading Signal Agent

2 minutes ago

How Shopify brands handle customer calls without hiring more support staff

6 minutes ago

Biome Analytics Launches First-of-Its-Kind Cardiovascular Productivity Tools to Transform Healthcare Reporting and Accountability

14 minutes ago

Engine Capital Issues Statement Regarding Announced Sale of UniFirst to Cintas

14 minutes ago
Back to top button