Brightly warns of SchoolDude data breach exposing credentials – Source: www.bleepingcomputer.com

U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform.

SchoolDude is a cloud-based platform for managing work orders used by over 7,000 colleges, universities, and K-12 schools from school districts of up to 600,000 students.

The companies’ other SaaS solutions are being used by more than 12,000 organizations worldwide, most from the United States, Canada, the United Kingdom, and Australia.

“We at Brightly Software are writing to let you know about a recent security incident affecting an account you have on our SchoolDude application (schooldude.com), an online platform used by educational institutions for placing and tracking maintenance work orders,” Brightly told affected SchoolDude users.

“The incident involved an unauthorized actor obtaining certain account information from the SchoolDude user database.”

The company believes the threat actors have stolen customer account information, including names, email addresses, account passwords, phone numbers (where available), and school district names.

​Brightly also reset the passwords of all SchoolDude users, who will now have to choose a new password after clicking “Forgot Login Name or Password?” on login.schooldude.com.

“Because passwords were affected in this incident, we are writing to remind you of the importance of using a strong and unique password for each online account you maintain,” the SaaS provider added.

“If you are currently using your SchoolDude password for any other online account, we recommend that you promptly change your passwords on those other accounts.”

After detecting the incident, Brightly reported the breach to the relevant law enforcement authorities and hired third-party security experts to investigate the attack.

BleepingComputer couldn’t reach out to a Brightly spokesperson for more details regarding the attack (the email bounced back with a “550 invalid mailbox” error).