If you care about data security in k-12, read this news report by Lisa Singleton-Rickman of TimesDaily concerning an Alabama school district. I think it serves as a useful example of what we’re up against. Start with the fact that the state does not require any IT audits in k-12 districts. Don’t ask, don’t tell? But Florence…
Category: Education Sector
Personal information of 1 million potential college applicants ‘exposed inadvertently’
Emily Tate reports that a vendor in the higher education space exposed more than 1 million potential college applicants’ information due to a misconfigured rsync backup: The data — which included names, phone numbers, email addresses, home addresses, high school graduation years and, in a few cases, dates of birth and Social Security numbers —…
Mistake in Some Google Groups Permissions Left Sensitive Info Accessible to Boston College community
Steven Everett and Connor Murphy report: Until December 2017, Google Groups containing hundreds of University communications and associated documents with restricted, confidential, or otherwise sensitive information had misconfigured permission settings such that anyone who could access the Boston College G Suite—known formally as Google Apps—could view them, a Heights investigation found. The Heights notified the…
Police: Hackers tried to alter grades at Virginia school
A search warrant says hackers have attempted to change grades at a Virginia high school. The Washington Post cites the warrant filed in Fairfax County that says the attack began in November when emails were sent from a known Oakton High School Honor Council with a link it purported would take readers to news about…
Titanium Stresser programmer whose tools caused chaos must repay £70,000 or face further jail time
A computer hacker who was jailed after setting up a business which caused chaos all over the world must pay back nearly £70,000 or face another two years behind bars. Adam Mudd was just 16 when he created his Titanium Stresser program, which was used to carry out more than 1.7 million attacks on websites including…
Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps
An Indictment charging Gholamreza Rafatnejad, 38; Ehsan Mohammadi, 37; Abdollah Karima, aka Vahid Karima, 39; Mostafa Sadeghi, 28; Seyed Ali Mirkarimi, 34; Mohammed Reza Sabahi, 26; Roozbeh Sabahi, 24; Abuzar Gohari Moqadam, 37; and Sajjad Tahmasebi, 30, all citizens and residents of Iran, was unsealed today. The defendants were each leaders, contractors, associates, hackers-for-hire or…