Joanna Guzman reports: A hacker gains access to the city of Edcouch and threatens to erase all the city’s information if officials did not deposit $40,000 in Bitcoins; a form of electronic cash. Information from the water department and city finances were compromised in the attack. The city manager says this comes just after the…
Category: Education Sector
FL: ‘Triple Threat’ Ransomware Attack Cripples Email Systems and Services of Lake City
Cyware reports: The Lake City Police Department is investigating a ransomware attack on their city network systems that resulted in the shutdown of several emergency services. The ransomware used in the attack has been detected as ‘Triple Threat’. What happened? In a breach notification, the Lake City police have revealed that the attack occurred on…
KY: Hopkins County school system dealing with data breach
Rachel Smith reports: Parents of Hopkins County schoolchildren were greeted with a message from the school board Thursday morning alerting them of a data security breach. Because of a school board staff member’s password-protected account being compromised, a currently unidentified user had access to a countywide database, which contains the names, dates of birth and…
9.5 billion rows of email metadata leaked by Shanghai Jiao Tong University
Justin Paine reports: While searching Shodan, I recently discovered an ElasticSearch database without any authentication. This database contained metadata related to a huge amount of emails. It was eventually confirmed that this server and the email metadata was controlled by a large university located in China. I would like to thank the university’s security team…
Massive Security Flaw Detected on Baltimore County Schools’ Digital Platform, Exposing Highly Sensitive Information on Students and Staff Members
Ann Costantino reports: A massive security flaw has been detected that allowed unrestricted access to highly sensitive records pertaining to students, staff and internal school system data on a Baltimore County Public Schools (BCPS) public facing website. The system’s BCPS One/Schoology platform, where students are able to access classes, grades and academic resources online, is…
The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records
Another Elasticsearch misconfiguration found by SecurityDiscovery. You can read about it here.