Ben Jordan has the follow-up on the attempted hacking previously reported:
The Wichita School District‘s computer systems are back in action after an attempted cyber attack that forced them to shut down last month.
After shutting down programs for two weeks, the computer systems have been found to be safe. Now all computer systems, including ParentVUE and StudentVUE been brought back online.
For the past couple weeks law enforcement and a Kansas City cyber security agency have been investigating an attempted data breach on Wichita Public Schools.
[…]”The good thing is there was no evidence of any exfiltration of any information so we were able to keep student records safe and also employee information safe,” said Arensman.
Read more on KAKE.
Stating there was no evidence of exfiltration is meaningless without also stating how that conclusion was reached. Do we really want to blindly trust an organization, especially a government organization, when they make these claims?
Virtually all breach reports where they claim ‘no evidence of exfiltration’ doesn’t indicate how they actually conclude there was no exfiltration. If I don’t examine audit logs, or worse yet, they don’t exist, one can say ‘I found no evidence of exfiltration.’