For a number of years now, I’ve noted NYS comptroller audits of school districts when it comes to IT and infosecurity. Here’s one that was recently released concerning Urban Choice Charter School in Rochester: Issued Date June 12, 2020 Audit Objective Determine whether the Board and School officials ensured information technology (IT) assets were safeguarded….
Category: Education Sector
UCSF admits it paid NetWalker more than $1 million ransom
On June 4, this site noted that NetWalker ransomware operators had added the University of California at San Francisco (UCSF) to their website where they name victims who have not paid their ransom demands. I did not expect the university to pay, commenting, at the time, “I wonder if the threat actors know how many…
Jamesville-DeWitt High School student email list breached; explicit messages sent
Elizabeth Doran reports: DeWitt, N.Y. — The Jamesville-DeWitt High School email listserv was breached, and three “explicit” messages were sent to students, according to a notification the district sent to families. The messages were each one line, and contained vulgar language directed at school administrators, according to copies obtained by syracuse.com | The Post-Standard. They were all…
FBI warns K12 schools of ransomware attacks via RDP
Catalin Cimpanu reports: The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. The alert, called a Private Industry Notification, or PIN, tells schools…
Data breach at Mid-Michigan College endangers personal data of up to 16,000
Eric Baerren reports: A hacker penetrated Mid-Michigan College’s email system, compromising the accounts of 10 employees and compromising personal data of potentially up to 16,000 people. The data breach was announced in correspondence sent by MMC president Christine Hammond to the college community earlier this week, and in a public notice on Thursday. Read more…
UCSF updates progress recovering from ransomware attack
On June 4, I noted that NetWalker ransomware operators had reportedly added the University of California at San Francisco to their website where they name victims who have not paid their ransom demands. When I checked back today, I do not see UCSF still listed on NetWalker’s site, which is curious. But I also see…