While New South Wales’ new COVID outbreak is causing problems, it has other problems as well. On July 9, GRC World Forums reported:
The New South Wales (NSW) department of education in Australia has deactivated some internal systems after becoming the victim of a cyber-attack.
The timing has created considerable challenges for staff as they prepare for the start of a new term, said education secretary Georgina Harrisson.
Read more on GRC World Forums.
On May 7, ZDNet reported that the New South Wales government is preparing a new Bill that will require public sector and state-owned entities to report a data breach to the Privacy Commissioner as well as any affected individuals. That bill was anticipated to be presented in Parliament before the end of this year.
Blackboard Collab Leak, Too?
In other news impacting the education sector of Australia, last night threat hunter Chris Vickery tweeted:
(consequences phase two)
If you are an education entity in Australia or New Zealand and your students/faculty used the Blackboard Collab platform prior to July 2020– your users’ details are exposed to the public internet right now (and probably have been for a long time).
— Chris Vickery (@VickerySec) July 11, 2021
If you are an education entity in Australia or New Zealand and your students/faculty used the Blackboard Collab platform prior to July 2020– your users’ details are exposed to the public internet right now (and probably have been for a long time).
Vickery added. “It’s a 20 gig postgres SQL backup from July 15th 2020. That should be enough for Blackboard to confirm that I’m not blowing smoke here.”
Whether Vickery ever attempted to responsibly disclose the leak to Blackboard itself before publicly revealing the leak is unknown to this site, but his public comments appear to have some connection to his recent firing by UpGuard, a firm founded by two Australians and that has offices in Australia.