John E. Dunn reports:
Israeli researchers have discovered the contact details for everyone working and teaching at the University of Liverpool circulating on a dark Web forum where it is being promoted to launch targeted phishing attacks.
Read more on ComputerworldUK.
For many universities, such contact details are considered public domain and/or are freely available on web sites. Although these data were seemingly extracted from a database, the university does not consider a true data breach:
“We detected an automated cyber-attack on one of our departmental online booking systems, which resulted in publically available data – surname, email, and business telephone numbers – being released on the internet,” the University said.
So it’s a security breach, but not a data breach? I see….