Illinois K-12 Cybersecurity

Illinois is home to nearly 850 school districts serving approximately 1.9 million students, ranging from Chicago Public Schools — the third-largest district in the nation — to small rural districts with fewer than 100 students. This diversity creates a complex cybersecurity landscape where threats affect districts of every size, and where state legislation has been at the forefront of student data privacy protection. Illinois's experience with major data breaches, its landmark privacy laws, and its growing cybersecurity education programs offer critical lessons for school communities nationwide.

Major Data Breaches: Lessons from Illinois

Illinois school districts have experienced some of the most significant K-12 data breaches in U.S. history, underscoring the critical importance of cybersecurity preparedness and vendor management.

Chicago Public Schools: The Clop Ransomware Attack

In one of the largest K-12 data breaches ever recorded, the Russia-linked Clop ransomware gang exploited a vulnerability in a file transfer tool used by a Chicago Public Schools technology vendor. The breach compromised data on more than 700,000 current and former students, including names, dates of birth, gender, student identification numbers, and Medicaid identification numbers. This incident demonstrated a critical reality: even when a district's own systems are secure, third-party vendor vulnerabilities can expose massive amounts of student data.

PowerSchool Settlement

In a related development, PowerSchool and Chicago Public Schools agreed to a $17 million settlement in a class-action lawsuit over student data privacy. The case highlighted the financial and legal consequences that districts and vendors face when student data is not adequately protected, and set a precedent for vendor accountability in the K-12 education technology ecosystem.

2025 CPS Data Exposure

In early 2025, Chicago Public Schools disclosed another data exposure involving an unauthorized third party accessing CPS data through the file transfer software vendor Cleo. The incident reinforced the ongoing nature of supply chain cybersecurity risks and the importance of continuous vendor monitoring.

Key Takeaways from Illinois Breaches

  • Vendor risk is real and ongoing: Multiple Illinois breaches originated not from district systems, but from third-party vendors. Districts must continuously evaluate vendor security practices
  • Scale matters: Large districts like CPS have hundreds of vendor relationships, each representing a potential vulnerability. Comprehensive vendor management programs are essential
  • Notification and transparency build trust: CPS maintained a public breach notification page documenting incidents. Transparency helps families understand risks and take protective action
  • Legal consequences are significant: Multi-million dollar settlements demonstrate that data privacy failures carry real financial consequences for districts and vendors alike

Illinois Student Data Privacy Law: SOPPA

Illinois has established one of the most comprehensive student data privacy frameworks in the country through the Student Online Personal Protection Act (SOPPA).

What SOPPA Requires

SOPPA governs and protects the privacy and security of student data when it is shared with and collected by educational technology companies. The law sets clear rules for schools, the Illinois State Board of Education (ISBE), and EdTech providers:

  • Data governance: Districts must maintain inventories of all educational technology vendors that collect or process student data, and must execute data privacy agreements with each vendor
  • Parental notification: Schools must provide parents with a list of all EdTech services used and the types of student data collected by each
  • Vendor obligations: Technology companies must implement reasonable security measures, limit data use to educational purposes, and delete student data upon request when it is no longer needed
  • Breach notification: Vendors must promptly notify districts of any data breach, and districts must in turn notify affected families
  • Enforcement: SOPPA is enforced by the Illinois Attorney General through the Consumer Fraud and Deceptive Business Practices Act, giving it real teeth

National Data Privacy Agreement (NDPA)

The Learning Technology Center of Illinois created an Illinois-specific exhibit that modifies the National Data Privacy Agreement for use in the state, ensuring SOPPA compliance. This streamlined approach helps districts of all sizes efficiently manage vendor data agreements without needing extensive legal resources.

Illinois School and Campus Safety Resources

The Illinois School and Campus Safety program provides dedicated cybersecurity resources for K-12 schools, including guidance on incident response planning, staff training, and security best practices tailored to the Illinois educational environment.

Cybersecurity Best Practices for Illinois Districts

Based on Illinois-specific threat patterns and regulatory requirements, every district should prioritize:

  1. Comprehensive vendor management: Maintain an up-to-date inventory of all EdTech vendors, execute SOPPA-compliant data agreements, and regularly audit vendor security practices
  2. Multi-factor authentication: Require MFA for all staff access to email, student information systems, and administrative platforms. This single measure blocks the majority of credential-based attacks
  3. Phishing awareness training: Conduct regular simulated phishing exercises for all staff. Illinois districts have been heavily targeted by phishing campaigns impersonating educational platforms and administrative systems
  4. Incident response planning: Develop and regularly practice a cyber incident response plan that includes SOPPA notification requirements and coordination with the Illinois Attorney General's office
  5. Endpoint protection: Deploy endpoint detection and response (EDR) solutions on all district devices, especially important as 1:1 programs have expanded the number of devices connecting to school networks
  6. Data backup and recovery: Maintain offline backups of all critical systems and data. Test restoration procedures regularly to ensure rapid recovery in the event of a ransomware attack

Cybersecurity Education Programs in Illinois

Illinois offers students and educators several pathways into cybersecurity education, from K-12 awareness programs to advanced high school curricula.

GenCyber Elevate+ at Illinois Institute of Technology

The GenCyber Elevate+ program at Illinois Tech is designed to spark and sustain cybersecurity awareness among Chicago-area students. The program includes a residential summer camp for rising 10th through 12th graders, providing hands-on cybersecurity training, exposure to career pathways, and mentoring from industry professionals.

Illinois Cyber Security Scholars Program (ICSSP)

The ICSSP at the University of Illinois is a CyberCorps Scholarship for Service program that provides full tuition and stipends for students pursuing cybersecurity careers in government. While targeted at college students, the program connects with K-12 outreach initiatives and serves as a powerful career pathway that high school counselors should share with interested students.

University of Illinois Cybersecurity Programs

The University of Illinois cybersecurity program conducts research and community outreach that benefits K-12 education across the state, including curriculum development support and teacher professional development opportunities.

CyberPatriot Teams

Illinois schools participate actively in the national CyberPatriot competition, with teams across the Chicago metropolitan area, central Illinois, and suburban and rural communities. The Air and Space Forces Association supports team formation through local chapters, and many Illinois schools integrate CyberPatriot into their STEM and CTE programs.

Learning Technology Center Support

The Learning Technology Center of Illinois provides K-12 districts with technical assistance for implementing data security protocols, understanding SOPPA compliance requirements, and building cybersecurity awareness programs. Their resources are particularly valuable for smaller districts that lack dedicated cybersecurity staff.

What Illinois Parents Should Know

Parents of students in Illinois schools have specific rights and responsibilities under state law:

  • SOPPA gives you rights: Under Illinois law, your school district must provide you with a list of all educational technology vendors that collect your child's data. Request this list and review what information is being shared
  • Monitor for breach notifications: If your district experiences a data breach, you should receive notification. Pay attention to communications from your district about security incidents, and take recommended protective actions promptly
  • Secure home devices: School-issued Chromebooks and tablets connect to your home network. Use strong Wi-Fi passwords, enable automatic updates on all devices, and consider network-level content filtering
  • Discuss phishing awareness: Help your children recognize suspicious emails, messages, and links that may appear to come from their school. Teach them never to share passwords or personal information online
  • Report concerns: If you notice suspicious communications claiming to be from your school district, report them to the school immediately. Early reporting helps protect the entire school community

What Illinois Educators Should Know

Teachers and administrators in Illinois have access to state-supported resources and face specific regulatory requirements:

  • SOPPA compliance is your responsibility: Understand which EdTech tools in your classroom are covered by SOPPA agreements and which are not. Do not introduce new technology tools without going through your district's vetting process
  • Report suspicious activity: Know your district's incident reporting procedures. Phishing emails targeting educators often impersonate ISBE, testing vendors, or professional development platforms
  • Professional development: Take advantage of Learning Technology Center training on data privacy and cybersecurity, and explore GenCyber summer programs for additional professional growth
  • Integrate digital citizenship: Use nationally available curricula from Cyber.org and Common Sense Education to teach digital citizenship alongside core subjects
  • Connect students to opportunities: Share information about CyberPatriot, GenCyber Elevate+, and university scholarship programs like ICSSP with students who show interest in technology and cybersecurity

Getting Involved

Whether you are a parent, educator, or community member, here are five ways to strengthen K-12 cybersecurity in Illinois:

  1. Request your district's SOPPA vendor list and review what student data is being collected and by whom
  2. Attend school board meetings where technology and cybersecurity are discussed, and ask about the district's incident response plan and vendor management practices
  3. Explore cybersecurity education programs at Illinois Tech, University of Illinois, and other state institutions for student opportunities
  4. Support CyberPatriot teams at local schools — volunteer as a mentor, sponsor equipment, or help promote the program to students
  5. Use Learning Technology Center resources to stay informed about data privacy best practices and SOPPA compliance requirements

Disclaimer: This page provides cybersecurity information for educational and awareness purposes only. CyberLearning.org is not affiliated with any Illinois school district, state agency, or university mentioned. For the most current information about cybersecurity policies in a specific Illinois school district, contact that district directly.

Comments are closed.