Michael Elsen-Rooney reports: Following two high-profile data breaches, New York City’s Education Department has moved to shore up its cybersecurity protocols, increasing its vetting of software vendors and tightening email access for schools and parent leaders. Because of the new protocols, the school year has started without approvals for scores of programs, including popular ones…
Category: Commentaries and Analyses
K–12 IT Administrators Encounter Additional Security Controls for Users Under 18
Rebecca Torchia reports: Following the shift to incorporate more online and digital learning, schools leaned into the adoption of educational software products and applications. Many of these applications tracked student data, with data collection being the primary driver of some applications’ use in schools, as educators found value in tools that could analyze students’ progress. In other cases,…
Experiment: How easy it was for me to influence Anonymous hacktivists
Jesse William McGraw writes: To say that we are living in a volatile time would be a brazen understatement. Since the onset of #OpRussia and successive operations, arguably the entire landscape of hacktivism has changed. On February 25th, 2022, Anonymous officially declared war on Russia in response to the Russian-Ukrainian war. What I witnessed in…
“I’m Not Pro-Russia and I’m Not a Terrorist!” —- InfraGard and Airbus Hacker “USDoD” Unveils His New Campaigns
The first time DataBreaches remembers hearing about the man who calls himself “USDoD” was when he posted a sales listing for member data from InfraGard. He had not only managed to acquire data on 80,000 members of an organization dedicated to protecting critical infrastructure, but his revelation of his method exposed some embarrassingly inept security…
Personal Data Protection Commissioner of Singapore announces two decisions
The Personal Data Protection Commissioner of Singapore (PDPC) announced two decisions this week: A financial penalty of $3,000 was imposed on Autobahn Rent A Car for failing to put in place reasonable security arrangements to protect the personal data in its possession or under its control. Directions were also issued to strengthen access control measures…
AlphV responds to MGM incident and sloppy reporting
AlphV has posted a statement about their attack on MGM Resorts. They also post some scathing criticisms of journalists and news outlets for reporting inaccurately and not verifying sources. Of note, their statement also asserts, “The ALPHV ransomware group has not before privately or publicly claimed responsibility for an attack before this point. Rumors were…