Jeff Francis reports that Maastricht University in the Netherlands paid a Bitcoin ransom of US$220,000 to hackers who infected the university’s system with malware on December 24 after an employee fell for a phishing attack the previous month: The hackers, later identified as TA505, a Russian criminal gang, demanded a ransom of 30 bitcoins, which was…
Category: Education Sector
Phishing scam targets St. Louis Community College; private information exposed
Kevin S. Held reports: More than 5,100 St. Louis Community College students and employees had their personal information accessed via a phishing scam. The data breach was discovered on January 13, according to a spokesperson for the college. Cybercriminals targeted employees and students through “a series of email phishing attacks” which ultimately gave them access…
Data breach potentially exposes Eastern Virginia Medical School employees’ bank accounts
Elisha Sauers reports: Eastern Virginia Medical School is trying to beef up its email security following a phishing scam that could have exposed employees’ personal information, including bank accounts and Social Security numbers. EVMS president and provost Richard V. Homan informed staff of the breach Monday. The school had discovered Wednesday that some files might…
Arizona Department of Education redaction failure exposed 7,000 parents’ scholarship accounts
From the Goldwater Institute: January 28 — The Goldwater Institute was shocked to learn yesterday of a massive breach of privacy by the Arizona Department of Education, which released private personal information relating to almost 7,000 parents who participate in the state’s Empowerment Scholarship Accounts (ESA) program. The data breach is just the latest in…
School district officials investigating possible breach of online grading system
KUSI in San Diego reports: School district officials say they are investigating an apparent breach of the online grading system at Torrey Pines High School. Multiple sources tell KUSI that the system was hacked to alter student grades and transcripts. Read more on KUSI.
Winnti Group targeting universities in Hong Kong
Mathieu Tartare writes: In November 2019, we discovered a new campaign run by the Winnti Group against two Hong Kong universities. We found a new variant of the ShadowPad backdoor, the group’s flagship backdoor, deployed using a new launcher and embedding numerous modules. The Winnti malware was also found at these universities a few weeks…