The bar has been lowered. Which bar, you wonder? The bar for how low entities will sink rather than just saying they experienced a ransomware attack. Becky Z. Dernbach reports: Minneapolis Public Schools will open for in-person instruction as usual Monday, after a week of disruptions from “technical difficulties” and snow. In an email to…
Category: Education Sector
Misconfiguration caused data breach affecting Stanford University PhD applicants
Sergiu Gatlan reports: Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023. Last week, the university sent data breach notification letters to 897 individuals who submitted personal and health information as part of the graduate application to its Department of Economics,…
L.A. Unified admits that at least 2,000 student records dumped after ransomware attack
Mark Keierleber’s article on The 74, noted on this blog yesterday and discussed by some of us on infosec.exchange, has apparently resulted in the district making some small admissions. Howard Blume reports: The Los Angeles Unified School District disclosed Wednesday that “approximately 2,000 student assessment records” were posted on the dark web as a result…
Trove of L.A. Students’ Mental Health Records Posted to Dark Web After Cyber Hack
Mark Keierleber reports: Detailed and highly sensitive mental health records of hundreds — and likely thousands — of former Los Angeles students were published online after the city’s school district fell victim to a massive ransomware attack last year, an investigation by The 74 has revealed. The student psychological evaluations, published to a “dark web”…
Department of Education to Enforce Revised Cybersecurity Requirements and Expands Interpretation of “Third-Party Servicer” Definition
Duane Morris writes: The Department of Education has issued an electronic notice relating to the updated cybersecurity regulations published by the Federal Trade Commission (FTC). On December 9, 2021, the FTC amended the Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA). This comprehensive amendment updated data security requirements for financial institutions, including all Title IV institutions of higher…
Sweetwater Union High School District still dealing with impact of undefined situation
Kristen Taketa reports: Days after a sweeping systems outage first disrupted student learning and forced teachers to remake their lessons, the Sweetwater Union High School District still hasn’t said what caused the outage or when it expects a fix. […] The outage was discovered Sunday in the district’s Microsoft systems, including Outlook, according to the…