The other day, Joseph Lorenzo Hall, PhD commented on Twitter about how doing notifications of breaches or leaks is a pretty thankless job. And it often is. Yesterday and today, however, I feel pretty good about the time I spent trying to make two notifications. The first “it was worth it afterall” experience involved a…
Category: Breach Incidents
After threatening lawsuit, Shafer now says she did not intend to sue Paterson Times for exposing data breach
Jayed Rahman of the Paterson Times is likely loving work these days, with the Paterson schools giving the paper — and the reporter — lots of imprudent statements to report on. In today’s installment, it sounds like the district’s superintendent is walking back a perceived threat to sue the paper for basically committing journalism. After…
The Total Registration incident– Comments from the K-12 Cybersecurity Resource Center
Doug Levin has a write-up on the Total Registration data security incident first reported by this site. Doug raises a number of important issues and comments, and I hope his commentary gets wider coverage and discussion. I’m still mulling over the fact that a few of the school districts that this site attempted to notify…
Salesforce outage hits when firm tries to stop data leak
From the we-tried to fix-the-frying-pan-now-about-that-fire dept., Michael Novinson reports: Salesforce told customers on Saturday Australian time that it is experiencing a “major issue with its service” and is attempting to resolve it as quickly as possible. At the time of writing the firm’s status page said the incident impacts “several Salesforce NA and EU instances”…
Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers
Renee Dudley and Jeff Kao report that two firms that advertised technology solutions to responding to ransomware incidents — Proven Data Recovery of Elmsford, New York and Florida-based MonsterCloud – were really just paying ransom to the attackers. Read more on ProPublica. I suspect that ransom payments have been the dirty little secret for the…
GozNym malware: cybercriminal network dismantled in international operation
A press release from Europol today: An unprecedented, international law enforcement operation has dismantled a complex, globally operating and organised cybercrime network. The criminal network used GozNym malware in an attempt to steal an estimated $100 million from more than 41 000 victims, primarily businesses and their financial institutions. A criminal Indictment returned by a…