RestorePrivacy

Your online privacy resource center

General

Home

News

About

Contact

Privacy Tools

Newsletter

Coming soon.

No spam, ever.

Brightly Discloses Data Breach Impacting Almost 3 Million Clients

By 2 Comments
Brightly software breach

Brightly Software has informed users of the SchoolDude app that hackers have gained access to its user database and stole sensitive information.

Brightly is American company, subsidiary of Siemens, that markets SchoolDude as a complete cloud-based educational operations management suite. The product is used by thousands of schools, universities, and colleagues in the United States, United Kingdom, Canada, Australia, and other organizations worldwide.

Yesterday, the company notified the Office of the Main Attorney General that 2,964,292 individuals have been impacted by a data breach that occurred on April 20, 2023, which the firm discovered on April 28, 2023.

“We at Brightly Software are writing to let you know about a recent security incident affecting an account you have on our SchoolDude application (schooldude.com), an online platform used by educational institutions for placing and tracking maintenance work orders. The incident involved an unauthorized actor obtaining certain account information from the SchoolDude user database.” – Brightly notification

The security incident at Brightly has resulted in the exposure of the following data:

  • Name
  • Email address
  • Account password
  • Phone number (if provided)
  • School district name

Exposure of the above data to hackers increases the risk of social engineering, phishing, impersonation, and bank fraud attacks against the impacted users. Unfortunately, due to the type of the software involved in this incident, the sensitive categories of school and university students are almost definitely affected.

Brightly says it has reported the incident to the law enforcement authorities and is currently investigating with the help of third-party IT experts to determine its scope and magnitude.

All SchoolDude user accounts have had their passwords invalidated to prevent unauthorized access, so users will have to set new passwords on their next login. The firm says users should visit the login portal at “login.schooldude.com” and click on the “Forgot Login Name or Password” option to initiate a password reset process.

Brightly has confirmed that user passwords have been compromised, so if account holders use the same credentials on any other online platforms, they are advised to reset them on those sites too.

Avatar photo

About Heinrich Long

Heinrich is an associate editor for RestorePrivacy and veteran expert in the digital privacy field. He was born in a small town in the Midwest (USA) before setting sail for offshore destinations. Although he long chafed at the global loss of online privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was time to join the good fight for digital privacy rights. Heinrich enjoys traveling the world, while also keeping his location and digital tracks covered.

Reader Interactions

Comments

  1. Lainie

    I have never heard of them, only Siemens. But since schools use them, I’m sure they’ll be notified from official sources (Siemens).

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *