This report was published December 28, 2017, but I’m first seeing it today. Joe Dexter reports on the devastation Rockingham County Schools experienced after employees fell for a phishing email. The only good news, perhaps, was that personal information did not appear to have been acquired or exfiltrated: All it took was several downloads of…
Category: Education Sector
Website operators are in the dark about privacy violations by third-party scripts
by Steven Englehardt, Gunes Acar, and Arvind Narayanan Recently we revealed that “session replay” scripts on websites record everything you do, like someone looking over your shoulder, and send it to third-party servers. This en-masse data exfiltration inevitably scoops up sensitive, personal information — in real time, as you type it. We released the data…
Montana State University Billings notifying students after laptop was stolen in November
Ugh. Another laptop was apparently stolen from an employee’s car. This one was from the education sector, but it contained some student health information and health insurance information. The incident was reported by Montana State University Billings to the Montana Attorney General’s Office on January 5, and letters are going out today to affected students….
Columbia Falls School District Number 6 notifies employees whose data may have been compromised by TheDarkOverlord
Interesting. The Columbia Falls School District Number 6 in Montana, who had been attacked by TheDarkOverlord, sent out notification letters and notified the Montana Attorney General’s office on January 5. In their submission to Montana, they note that the breach began September 1, and ended on November 13. In actuality, the November 13 date was…
Ca: Regina Public investigated after teacher breached students’ privacy
Here is the argument for more education and training. Ashley Martin reports: The Regina Public School Division is addressing policy gaps after a teacher uploaded more than 2,000 documents, many containing students’ information, to a public website. Some of the information was online for 15 months before the privacy breach was reported to the Office…
Lawyer for Franklin Regional School District DDoS suspect seeks evidence suppression
Jeff Himler reports that the attorney for Michaela King, a former Franklin Regional School District student accused of launching cyber attacks in 2016 that affected local school districts, the Catholic diocese, and Westmoreland County government, has asked the court to suppress evidence in the case. …. King’s attorney, David Shrager, claims the consultant violated state and…