"Brightly Says SchoolDude Data Breach Spilled 3 Million User Accounts"

Software maker Brightly has recently confirmed that hackers stole close to three million SchoolDude user accounts in an April data breach.  SchoolDude is a cloud-based work order management system used primarily by schools and universities to submit and track maintenance orders.  Its users are school employees, like principals, executives, and maintenance workers, as well as students and other staff submitting repair requests.  The company said it was notifying both past and present customers that the hackers took their names, email addresses, account passwords, and phone numbers if added to the account.  The data also includes the names of school districts.  Brightly said it reset customer passwords.  The company warned users to change passwords on other online accounts that use the same credentials as they used on SchoolDude. This refers to credential stuffing, where hackers use passwords from previous data breaches to break into other user accounts with the same passwords.  Brightly said it discovered the breach on April 28, more than a week after the mass data theft.

TechCrunch reports: "Brightly Says SchoolDude Data Breach Spilled 3 Million User Accounts"