Brandi Vesco reports: The K12 Security Information eXchange (K12 SIX) has updated its cybersecurity recommendations for the 2024-25 school year to keep pace with evolving cybersecurity best practices, such as the need for multifactor authentication (MFA) for vendors and segmentation of student traffic. The framework of recommendations is weighted, which means it allows users to…
Category: Education Sector
Privacy and Security of Student Data (Follow-Up of Audit of NY State Education Department)
Issued Date: September 26, 2024 Agency/Authority: State Education Department Full Report (.pdf) Objective To determine the extent of implementation of the three recommendations included in our initial audit report, Privacy and Security of Student Data (Report 2021-S-29). About the Program The State Education Department (SED) is part of the University of the State of New York, one of…
School districts in Illinois, Louisiana, and Texas all recently reported breaches
School districts in Illinois, Louisiana, and Texas have all recently reported data security incidents. One involved insider wrongdoing, while the other two appear to be external incidents. In Illinois, Sydney Sinks reports: A recent data breach in Bethalto Community Unit School District #8 targeted Superintendent Dr. Jill Griffin, according to the school district. On Oct….
Previously Extradited Nigerian National Sentenced For Role In Multimillion-Dollar Business Email Compromise Schemes Targeting Educational Institutions And Businesses in North Carolina and Texas
CHARLOTTE, N.C. – A dual citizen of Nigeria and the United Kingdom was sentenced today to seven years in prison for his role in a multimillion-dollar business email compromise (BEC) scheme, announced Dena J. King, U.S. Attorney for the Western District of North Carolina, and Alamdar S. Hamdani, U.S. Attorney for the Southern District of Texas….
Richmond Community Schools reports ransomware attack; Scranton School District paid ransom in March
One new attack on a k-12 district and an update on a previous one. WHIO reports that Richmond Community Schools in Indiana posted to social media that student and staff information in the PowerSchool software system was breached in a ransomware attack on Friday. “While there is no current evidence of misuse, RCS has shut…
IL: Confidential student information released in District 203 data leak
For your “No need to hack if it’s leaking” files, C. J. Getting reports: Confidential student information was unintentionally leaked in Naperville Central’s School Improvement Plan, which was released publicly on Friday, Sept. 20. It was removed on Tuesday, Sept. 24 around 3:35 p.m. when Central Times staff brought the breach to the attention of…