DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

U.S. Education Dept. responds to TheDarkOverlord attacks with new cyber advisory

Posted on October 13, 2017 by Dissent

It’s gratifying when advocacy efforts have an impact. Last week, this blogger spent a good amount of time talking with Kathleen Styles, Chief Privacy Officer of the U.S. Education Department. We discussed  the  TheDarkOverlord attacks on the education sector and I had urged the Department to try to warn schools how to better protect themselves.

I am pleased to see that they have now sent out the following advisory (yes, even though they don’t link to any of my reporting on this issue):

Cyber Advisory – New Type of Cyber Extortion / Threat Attack

Summary
Schools have long been targets for cyber thieves and criminals.  We are writing to let you know of a new threat, where the criminals are seeking to extort money from school districts and other educational institutions on the threat of releasing sensitive data from student records.  In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received.

These attacks are being actively investigated by the FBI, and it is important to note that none of the threats of violence have thus far been judged to be credible.  At least three states have been affected.

How to Protect Yourself
The attackers are likely targeting districts with weak data security, or well-known vulnerabilities that enable the attackers to gain access to sensitive data. This may be in the form of electronic attacks against school/district computers or applications, malicious software, or even through phishing attacks against staff or employees.

IT Staff at Schools / Districts are encouraged to protect your organizations by

  • conducting security audits to identify weaknesses and update/patch vulnerable systems;
  • ensuring proper audit logs are created and reviewed routinely for suspicious activity;
  • training staff and students on data security best practices and phishing/social engineering awareness; and
  • reviewing all sensitive data to verify that outside access is appropriately limited.
What to Do if This Happens to You 
If your organization is affected by this type of attack, it is important to contact local law enforcement immediately. It’s not mandatory, but if you are an affected K12 school, please contact us at [email protected] so that we can monitor the spread of this threat. Additionally, the PTAC website contains a wealth of information that may be helpful in responding to and recovering from cyber attacks.While this new threat has thus far been directed only to K12, institutions of higher education should know that they are required to notify the Office of Federal Student Aid (FSA) of data breaches via email pursuant to the GLBA Act, and your Title IV participation and SAIG agreements.  Additional proactive tools for institutions of higher education are available at our Cybersecurity page on ifap.ed.gov
Copyright © Privacy Technical Assistance Center, All rights reserved. http://ptac.ed.gov

Note that despite what the cyber advisory suggests, this threat is not confined to K12, as TheDarkOverlord’s recent tweets suggest that they are also busy attacking institutions of higher education. 

Category: Education SectorOf Note

Post navigation

← UK: University of East Anglia not punished over data breach
Former nurse convicted of stealing patient information, filing over $1M in fraudulent claims with IRS →

2 thoughts on “U.S. Education Dept. responds to TheDarkOverlord attacks with new cyber advisory”

  1. Anonymous says:
    October 13, 2017 at 4:26 pm

    Is this advisory posted on their site somewhere? I can’t seem to find it.

    1. Dissent says:
      October 13, 2017 at 4:31 pm

      I don’t see it on their site (yet?). I received it via a list-serv they run.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.