Brian Bliss reports that Johannesburg-Lewiston Area Schools (JLAS) in Michigan fell victim to a ransomware attack. The type of ransomware was not reported, nor the amount of the ransom (which the district and their insurer paid). Read more about the incident on Gaylord Herald Times.
Category: Education Sector
NYSED Security Over Critical Information Systems (Follow-Up Audit by NYS Comptroller)
From the Office of the New York State Comptroller, this follow-up report on the New York State Education Department shows ongoing concerns that have not been addressed at all or only addressed partially: Issued: November 13, 2018 Link to full audit report 2018-F-17 Purpose To determine the extent of implementation of the two recommendations included…
The GDPR: When do schools need to report data breaches?
Luke Irwin reports: …. A major concern is the GDPR’s requirement that organisations report certain types of data breach to their supervisory authority within 72 hours of becoming aware of the incident. It’s one of the toughest rules to meet, but this blog provides you with all the details you need. Read more on IT Governance…
TN: Unauthorized users could have accessed private information of 7,700 people following ETSU breach
Jordan Moore reports: A data breach impacting employees at East Tennessee State University remains under investigation. University officials tell News Channel 11 that two unidentified employees clicked on a link in the phishing scam that was sent to their e-mail accounts. ETSU Spokesperson, Joe Smith, elaborated on that phishing scam e-mail Monday afternoon. Read more…
IE: University at centre of potential data breach after USB stick ‘goes missing’
Rachel Farrell reports: A leading university has experienced a potential data breach after a USB stick containing “confidential” details of up to 900 students went missing. NUI Galway, with a student population of over 18,000, confirmed in a statement on their website that the USB may have contained student names, their student numbers and exam…
NJ: Here, let me help you withdraw from all those pesky courses.
Andrew Kinney reports on a hack at Stevens Institute of Technology in New Jersey. Registration at Stevens is like high school sports. It involves waking up at seven in the morning to repeat mindless drills (furiously clicking through Web Self Services). It works with a class hierarchy — juniors trump sophomores who trump freshmen, with seniors…