From Insikt Group: New findings strongly suggest that the individual behind tessa88 may be Maksim Donakov of Penza, Russia, who operated under multiple different monikers on the dark web. It is possible that a second unknown individual was assisting Donakov in maintaining the tessa88 account, adhering to impeccable OPSEC procedures and until this day remaining…
Month: November 2018
NYSED Security Over Critical Information Systems (Follow-Up Audit by NYS Comptroller)
From the Office of the New York State Comptroller, this follow-up report on the New York State Education Department shows ongoing concerns that have not been addressed at all or only addressed partially: Issued: November 13, 2018 Link to full audit report 2018-F-17 Purpose To determine the extent of implementation of the two recommendations included…
The GDPR: When do schools need to report data breaches?
Luke Irwin reports: …. A major concern is the GDPR’s requirement that organisations report certain types of data breach to their supervisory authority within 72 hours of becoming aware of the incident. It’s one of the toughest rules to meet, but this blog provides you with all the details you need. Read more on IT Governance…
TN: Unauthorized users could have accessed private information of 7,700 people following ETSU breach
Jordan Moore reports: A data breach impacting employees at East Tennessee State University remains under investigation. University officials tell News Channel 11 that two unidentified employees clicked on a link in the phishing scam that was sent to their e-mail accounts. ETSU Spokesperson, Joe Smith, elaborated on that phishing scam e-mail Monday afternoon. Read more…
IE: University at centre of potential data breach after USB stick ‘goes missing’
Rachel Farrell reports: A leading university has experienced a potential data breach after a USB stick containing “confidential” details of up to 900 students went missing. NUI Galway, with a student population of over 18,000, confirmed in a statement on their website that the USB may have contained student names, their student numbers and exam…
This UK pub chain left 17,000 customer details exposed online
Nicole Kobie reports: The personal details of thousands of beer drinkers were left exposed thanks to a Wi-Fi provider proving leakier than a smashed pint glass. Brewhouse & Kitchen is a small chain of pubs with 23 locations across the UK. These include locations in London, Nottingham, Chester, Cardiff and Bristol. Patrons attempting to access…