Bill Fitzgerald (@FunnyMonkey) has written a post that I wish all school districts would read, process, and follow up on. The following is just a snippet from his post: We should assume that the KnowBe4 impersonation and the xz incident are not isolated or unique, and that there are other similar attacks underway that are…
Category: Education Sector
Pueblo County D70 data breach may have compromised information of former students, staff
James Bartolo reports: Pueblo County School District 70 is addressing a data breach and ransomware attack that may have compromised the personal information of former students, as well as current and former staff. The data breach is believed to have impacted a number of student records saved between 1991 and 2006. Past and present staff…
Students’ Personal Data Mismanaged; Data Sent to Foreign Businesses, Used to Update Apps
The Yomiuri Shimbun reports: Local governments have authorized Recruit Co. — a provider of educational apps — to directly obtain public school students’ personal data and manage it, The Yomiuri Shimbun has learned. The problem is connected to devices, such as personal computers and tablets, which elementary and junior high schools distribute to their students….
Cyber Attack May Have Exposed Alabama Student, Teacher Data
Rebecca Griesbach reports: The Alabama State Department of Education experienced a data breach in June that may have compromised some student and employee data, officials announced Wednesday. On June 17, information system staff interrupted and stopped an attack on the department’s computer system before hackers could fully access the system or lock it, according to…
Two recent NYS audits of k-12 districts’ information technology security
The NYS Comptroller’s Office recently released more audits of school districts. Here are two of them: Whitney Point Central School District – Information Technology (IT) (Broome County) Audit Period July 1, 2021 – February 24, 2023. We extended our audit period to August 31, 2023 to review backup restoration results and November 16, 2023 to…
Louisiana Special School District ransomware attack possibly compromised workers’ personal information
Allison Bruhl reports: Louisiana Special School District employees were notified of a cyber attack on Friday, June 28, a little more than a month after it was discovered. According to the superintendent on July 3, the Louisiana State Police’s Cyber Crimes Division was contacted after an Akira ransomware breach was found on May 24. “Our…