Britton White writes: After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated). It didn’t take long to find a student…
Category: Education Sector
Growing Number of Contra Costa Community College District Email Accounts Compromised By Phishing Attack
Takeshi Kawata reports: Over the past month, Contra Costa Community College District (4CD) students and faculty have been inundated with phishing emails from compromised student and employee accounts, according to the district. The vast majority of phishing emails contain links to forms that request individuals’ personal information. The recent outbreak of scam emails is the…
Ca: University Life Sciences students facing mass data breach Life Sciences students facing mass data breach
Asbah Ahmad reports: Confidential student information in the Life Sciences department was disseminated via email on Apr. 7. The information included student GPAs, student names, student numbers, academic plans, and years of study as of Sept. 2021. Students’ sexes and email addresses were also compromised. Read more at The Queens University Journal.
Update: No sensitive data taken during District 518 cybersecurity breach
On March 8, Kari Lucin at The Globe reported that District 518 in Minnesota had confirmed a data breach involving an employee’s email account, but didn’t anticipate a big problem. Yesterday, Lucin followed up with the district’s confirmation that no personal information or data had been taken or used in the February incident. An investigation…
AlphaV claims attack on Florida International University (updated)
It’s been a while since DataBreaches.net reported on data security incident involving Florida International University in Miami, but if AlphaV’s claims are true, they have been breached again. AlphaV (“BlackCat”) added FIU to their leak site and claim: In our design the following information: -Personal information of students and teaching staff, including confidential data, SSN,…
NYS Comptroller releases more school district IT Audits
Readers may want to read the full LaFargeville report, linked below, because it provides information to school districts about best practices and recommendations for how to accomplish certain security goals. LaFargeville Central School District – Information Technology (Jefferson County) Key Findings District officials did not establish adequate IT controls over physical IT assets and non-student user…