Anna Merod reports: Dive Brief: Minnesota public school districts, charter schools and colleges must now report cybersecurity incidents such as ransomware or network attacks under a newly enacted state law. The information that schools report to Minnesota will not be shared publicly, unlike with similar statewide data breach reporting requirements in California and Maine. Instead, the information will be anonymized…
Category: Education Sector
PDPC: Breach of the Protection Obligation by HMI Institute of Health Science
A financial penalty of $10,000 was imposed and directions were issued to HMI Institute of Health Science for failing to put in place reasonable security arrangements to protect the personal data of former students. Case No. DP-2405-C2321 HMI Institute of Health Science Pte. Ltd. (the “Organisation”) is a healthcare training provider in Singapore. On 2…
Grand Forks Public Schools Loses $2.2M to Phishing Scam
Joshua Irvine reports: The business manager of Grand Forks Public Schools said Monday the $2.2 million swindled from the district earlier this year was taken in a phishing scheme. […] In the four days leading up to the Sept. 13 fraud event, the district’s business office made more than a thousand payments, according to records…
N.J. school accidentally released names of kids who opted out of sex education
Tina Kelley reports: A Cherry Hill resident has asked the U.S. Department of Education to investigate the Cherry Hill School District for releasing the names of dozens of students whose families opted them out of sex education classes. The breach came after an education advocacy group filed public records requests in every district in the state,…
School ransomware attacks are on the rise. What can districts do?
Kara Arundel reports: … Ransomware — where threat actors use malware to block access to network systems and then demand payment to unlock it — has been ballooning in the K-12 sector over the last seven years, according to the K12 Security Information eXchange. Known as K12 SIX, the national nonprofit helps protect schools from…
K12 SIX Releases Updated Framework for School Cybersecurity
Brandi Vesco reports: The K12 Security Information eXchange (K12 SIX) has updated its cybersecurity recommendations for the 2024-25 school year to keep pace with evolving cybersecurity best practices, such as the need for multifactor authentication (MFA) for vendors and segmentation of student traffic. The framework of recommendations is weighted, which means it allows users to…