A financial penalty of $10,000 was imposed and directions were issued to HMI Institute of Health Science for failing to put in place reasonable security arrangements to protect the personal data of former students. Case No. DP-2405-C2321 HMI Institute of Health Science Pte. Ltd. (the “Organisation”) is a healthcare training provider in Singapore. On 2…
Category: Education Sector
Grand Forks Public Schools Loses $2.2M to Phishing Scam
Joshua Irvine reports: The business manager of Grand Forks Public Schools said Monday the $2.2 million swindled from the district earlier this year was taken in a phishing scheme. […] In the four days leading up to the Sept. 13 fraud event, the district’s business office made more than a thousand payments, according to records…
N.J. school accidentally released names of kids who opted out of sex education
Tina Kelley reports: A Cherry Hill resident has asked the U.S. Department of Education to investigate the Cherry Hill School District for releasing the names of dozens of students whose families opted them out of sex education classes. The breach came after an education advocacy group filed public records requests in every district in the state,…
School ransomware attacks are on the rise. What can districts do?
Kara Arundel reports: … Ransomware — where threat actors use malware to block access to network systems and then demand payment to unlock it — has been ballooning in the K-12 sector over the last seven years, according to the K12 Security Information eXchange. Known as K12 SIX, the national nonprofit helps protect schools from…
K12 SIX Releases Updated Framework for School Cybersecurity
Brandi Vesco reports: The K12 Security Information eXchange (K12 SIX) has updated its cybersecurity recommendations for the 2024-25 school year to keep pace with evolving cybersecurity best practices, such as the need for multifactor authentication (MFA) for vendors and segmentation of student traffic. The framework of recommendations is weighted, which means it allows users to…
Privacy and Security of Student Data (Follow-Up of Audit of NY State Education Department)
Issued Date: September 26, 2024 Agency/Authority: State Education Department Full Report (.pdf) Objective To determine the extent of implementation of the three recommendations included in our initial audit report, Privacy and Security of Student Data (Report 2021-S-29). About the Program The State Education Department (SED) is part of the University of the State of New York, one of…