An email gaffe due to not using bcc: instead of cc: or TO: revealed almost 400 Ohio State University students’ disability status to other students. Read the story on The Lantern. Note that this is a FERPA issue, and there really is no requirement for breach notification to those impacted, but the unintended disclosure needs…
Category: Education Sector
Chico State employee charged with hacking, leaking vaccine exemption requests
Austin Herbaugh reports: A Chico State employee has been charged with criminal hacking after officials say he leaked vaccine exemption requests and personal information from some students. 22-year-old Alejandro Benitez is accused of publishing a list of Chico State students who applied for a religious exemption from the university’s COVID-19 vaccine requirement. Read more on…
Student and personnel files from Manhasset Union Free School District appear on the dark web (UPDATED)
On October 7, the Manhasset Union Free School District revealed that it may have been the victim of a ransomware attack. There can no longer be any doubt that they were attacked. Over the weekend, Vice Society threat actors dumped the district’s data on their dark web leak site. Inspection of some of the files…
Popular student monitoring software could have exposed thousands to hacks
Mark Keierleber reports: A monitoring company that thousands of schools used during remote and hybrid learning to ensure students were on task may have inadvertently exposed millions of kids to hackers online, according to a September report by the security software company McAfee. The research, conducted by the McAfee Enterprise Advanced Threat Research team, discovered the…
A rough week for Missouri teachers who are notified of not one, but two separate incidents
The Public School and Education Employee Retirement Systems of Missouri has notified 349,246 employees and retirees of a security incident that occurred on September 11. According to their notification letter, an employee’s email account was accessed by an unauthorized individual for less than one hour on that date before IT disabled the account after being…
Convicted SUNY Plattsburgh hacker’s sentencing adjourned, counsel seeks expert services
Fernando Alba of The Press-Republican reports: Convicted hacker and SUNY Plattsburgh alumnus Michael P. Fish’s sentencing has been adjourned again Thursday. Fish’s attorney asked for a 60-day extension to complete court approved expert witness services requested in August, according to court documents. Fish pleaded guilty to aggravated identity theft, computer intrusion and child pornography possession…