Ann Costantino reports: A massive security flaw has been detected that allowed unrestricted access to highly sensitive records pertaining to students, staff and internal school system data on a Baltimore County Public Schools (BCPS) public facing website. The system’s BCPS One/Schoology platform, where students are able to access classes, grades and academic resources online, is…
Category: Education Sector
The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records
Another Elasticsearch misconfiguration found by SecurityDiscovery. You can read about it here.
Australian National University data breach stretching back 19 years detected; Affects approximately 200,000
ABC in Australia reports: The Australian National University has been hit by a massive data hack, with unauthorised access to significant amounts of personal details dating back 19 years. A sophisticated operator accessed the ANU’s systems illegally in late 2018 but the breach was only detected two weeks ago, the university said in a statement….
MO: Data security breach affects thousands of students of Jefferson City Public Schools
A now-suspended employee of Jefferson City Public Schools transferred student files containing medical information and student identification numbers to a personal email account, the district said in a news release Wednesday. The district said it recently determined the employee transferred the files into a personal Gmail account, which is a violation of district policy. The…
Utah knew the company it picked to create standardized tests had a history of crashes and cyberattacks. It signed a $44 million contract with Questar anyway.
Courtney Tanner reports: In other states, the year-end tests were marked by glitches and cyberattacks and hourlong delays. One school district threw out its results because the software was so unreliable. In another, all of the students had to start over when the programming shut down and didn’t save their responses. Sensitive student data was…
How I hacked into a college’s website again!
Aditya Anand writes: This is a follow up article to the previous piece that I wrote – How I hacked into a college’s website to obtain the student’s database. Refer to my last hack – How I hacked into a college’s website! …. What was different than the last time? The last time I tried to hack…