Kimberly Peretti, Amy Mushahwar, and Alysa Austin of Alston & Bird write: On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the…
Category: Commentaries and Analyses
Ca: Western students alerted about security breach at exam monitor Proctortrack
Andrew Lupton reports: A security breach of Proctortrack, the software Western University uses to monitor student exams remotely, is adding new fuel to a debate raging on campus over privacy concerns about the program. Proctortrack allows students to be monitored to prevent cheating while they take exams at home using their own computers. The program…
GAO: DATA SECURITY: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm
DATA SECURITY: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm GAO-20-644: Published: Sep 15, 2020. Publicly Released: Oct 15, 2020. Schools and school districts collect and store a lot of personal information about their students. But are K-12 institutions adequately securing student data? We found: Thousands of K-12 students had their personal information…
Privacy nightmare for Toledo Public Schools: Hackers dumped student and employee data
By mid-September, it was clear that school districts were under increased threat of ransomware attacks. In fact, when Clark County School District (CCSD) in Las Vegas and Fairfax County Public Schools (CFPS) in Virginia were added to the Maze cartel’s leak site, it seemed to portend potentially big data dumps. Since that dump, Maze dumped…
Twitter hackers trick employees by posing as IT workers, NY probe finds
Noah Manskar reports: A simple phone scam was the key first step in a Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of…
CISA and MS-ISAC Release Joint Guide on Ransomware
Trisha Anderson, Ashden Fein and James Yoon of Covington & Burling write: On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware. This guide was published the day before OFAC and FinCEN released their…