Brightly has confirmed that hackers stole close to three million SchoolDude user accounts in a data breach.
SchoolDude is a cloud-based work order management system used by schools and universities to submit and track maintenance orders.
Brightly in a notification, both past and present customers that the hackers took their names, email addresses, account passwords, and phone numbers. The data also includes the names of school districts.
Brightly said it has completed resetting customer passwords. It also warned users to change passwords on other online accounts that use the same credentials as they used on SchoolDude.
SchoolDude passwords were unencrypted but declined to comment beyond the company’s data breach notice. Brightly also declined to say how the breach occurred or say who if anyone was responsible for overseeing cybersecurity at the company at the time of the breach.
Brightly said in its notice that it discovered the breach on April 28, more than a week after the mass data theft.
Siemens bought Brightly, previously known as Dude Solutions, in 2022. Brightly said it had 12,000 enterprise customers, mainly across the U.K., Canada, Australia, and the United States.