![Light piercing the clouds at golden hour [Frederick Lane, 2022]](https://storage.ghost.io/c/4c/1b/4c1b2fc2-118c-4aa9-89a8-c6338a9e8763/content/images/size/w1304/format/webp/2023/01/IMG_6723.jpg)
By Frederick Lane ~ 6 January 2023
This C4E Digest is 1,347 words, or approximately a 6-minute read.
💾 Above the Fold: Another Massive Student Data Breach
![Clouds and a Starry Sky [Frederick Lane, 2022]](https://storage.ghost.io/c/4c/1b/4c1b2fc2-118c-4aa9-89a8-c6338a9e8763/content/images/2023/01/IMG_6585.jpg)
Cloud storage is wonderful ... except when it isn't. A research team at vpnMentor, an online privacy firm, recently discovered that education publisher McGraw Hill exposed the personal data of more than 100,000 students.
- McGraw Hill stored the data in Amazon Web Services S3 buckets, a widely-popular type of cloud storage.
- Unfortunately, McGraw Hill misconfigured the settings of its data buckets, allowing anyone with a web browser access to more then 22 terabytes of student data and teaching materials.
- The misconfiguration may have allowed access as early as 2015.
Slow response: In its report, vpnMentor said that it contacted McGraw Hill multiple times about the security breach before the company responded.
Implications: A possible seven-year leak of confidential student and teacher information raises a number of security concerns.
