Kimberly Peretti, Amy Mushahwar, and Alysa Austin of Alston & Bird write: On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the…
Category: Of Note
Ca: Western students alerted about security breach at exam monitor Proctortrack
Andrew Lupton reports: A security breach of Proctortrack, the software Western University uses to monitor student exams remotely, is adding new fuel to a debate raging on campus over privacy concerns about the program. Proctortrack allows students to be monitored to prevent cheating while they take exams at home using their own computers. The program…
GAO: DATA SECURITY: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm
DATA SECURITY: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm GAO-20-644: Published: Sep 15, 2020. Publicly Released: Oct 15, 2020. Schools and school districts collect and store a lot of personal information about their students. But are K-12 institutions adequately securing student data? We found: Thousands of K-12 students had their personal information…
Privacy nightmare for Toledo Public Schools: Hackers dumped student and employee data
By mid-September, it was clear that school districts were under increased threat of ransomware attacks. In fact, when Clark County School District (CCSD) in Las Vegas and Fairfax County Public Schools (CFPS) in Virginia were added to the Maze cartel’s leak site, it seemed to portend potentially big data dumps. Since that dump, Maze dumped…
Twitter hackers trick employees by posing as IT workers, NY probe finds
Noah Manskar reports: A simple phone scam was the key first step in a Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of…
Twitter Data-Breach Case Won’t Be Resolved Before Year’s End, Ireland’s Regulator Says
Angus Loten reports: European privacy regulators are unlikely to issue a final ruling on Twitter Inc.’s handling of a data breach disclosed in January 2019 before the end of this year, Ireland’s data commissioner said Wednesday. Under the General Data Protection Regulation, the European Union’s 2018 data privacy law, Twitter faces a fine of up to 2% of…