WGRZ reports: Independent Health said Friday that the names, member ID numbers and medical information for over 500 Williamsville School District employees were accidentally released to stop loss carriers and brokers. The inadvertent breach took place between August 2019 and August 2021 and was discovered during a regular safety and security review. It did not…
Category: Education Sector
Missouri Teachers’ Social Security numbers at risk on state agency’s website; state’s response is to shoot the messenger?
Josh Renaud reports: The Social Security numbers of school teachers, administrators and counselors across Missouri were vulnerable to public exposure due to flaws on a website maintained by the state’s Department of Elementary and Secondary Education. The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials…
How I hacked ALL displays in my high school district to play Rick Astley
Minh Duong writes: On April 30th, 2021, I rickrolled my high school district. Not just my school but the entirety of Township High School District 214. It’s the second-largest high school district in Illinois, consisting of 6 different schools with over 11,000 enrolled students. This story isn’t one of those typical rickrolls where students sneak…
Data Hack Hits Alumni of Harvard-Westlake Private School
Gary Baum reports: Students’ confidential academic files were hacked and exposed at Los Angeles private school Harvard-Westlake. Archived SAT scores, GPAs, transcripts and college recommendation letters were downloaded, then sent to a group of parents and the school newspaper, as well as The Hollywood Reporter. The materials encompass approximately 150 alumni who graduated over the past…
K–12 Cybersecurity Act Signed into Law
David Nagel reports: On Friday, Oct. 8, President Biden signed the K–12 Cybersecurity Act of 2021 into law. The act comes in response to growing data security incidents impacting K–12 schools in recent years, including a dramatic rise in ransomware and other forms of malware. On its own, the legislation is fairly simple: It authorizes the director of…
Manhasset School District Victim of Ransomware?
Frank Rizzo reports: Manhasset School District Acting Superintendent of Schools Gaurav Passi, at the Oct. 7 board of education meeting, said that the district may have been the victim of ransomware. “At this time we can confirm that we have discovered ransomware in our system,” Passi said. “And that the malicious actor—or threat actor, as…