Yet another notification letter provides an example of why we need legislation requiring more transparency in disclosures. A DataBreaches.net OpEd. Background: The Bluefield University Breach On May 2, DataBreaches reported a cyberattack involving Bluefield University in Virginia that had first been reported by WVVA. The local media had reported that on May 1, Bluefield had…
Category: Commentaries and Analyses
The EU’s Cyber Resilience Act Has Now Been Agreed
Mark Young and Aleksander Aleksiev of Covington and Burling write: Yesterday, the European Commission, Council and Parliament announced that they had reached an agreement on the text of the Cyber Resilience Act (“CRA”). As a result, the CRA now looks set to finish its journey through the EU legislative process early next year. As we explained in our…
NYS Comptroller Audit: North Tonawanda City School District – Information Technology (2023M-102)
NYS Comptroller Thomas DiNapoli recently released an audit of the North Tonawanda City School District. Summary: Issued Date: November 03, 2023< [Read complete report – pdf] Audit Objective Determine whether North Tonawanda City School District (District) officials properly secured user account access to the network and managed user account permissions in financial and student information…
NYS Comptroller Audit: Brentwood Union Free School District – Information Technology (2023M-83)
NYS Comptroller Thomas DiNapoli recently released an audit of the Brentwood Union Free School District on Long Island. Summary: Issued Date: November 03, 2023 [Read complete report – pdf] Audit Objective Determine whether the Brentwood Union Free School District (District) Board of Education (Board) and officials ensured computerized data was safeguarded by monitoring network user…
If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
If you’re in Rock County, Wisconsin, it seems your Information Technology Director and Corporation Counsel do not want you to know certain things about the September ransomware attack — even though people in the rest of the country may already know what they have decided not to tell you. They didn’t even tell your own…
PA: Great Valley School District Falls Victim to Ransomware Attack
As DataBreaches noted yesterday on infosec.exchange, the Medusa ransomware gang claims to have hit Great Valley School District in Pennsylvania. They provide a filetree showing a lot of Skyward, Canvas, PowerSchool, and other internal files, as well as 20+ screencaps of student info and employee info files to support their claim. They are demanding $600k…