Well, we expected there would be a lot of schools notified by the National Student Clearinghouse about the MOVEit breach, but now we have a bit more of the scope. NSC has notified the California Attorney General’s Office on behalf of almost 900 schools. Their notification letter to those affected indicated that the types of…
Category: Of Note
DHS Pushes for Common Cyber Incident Reporting Definitions
Jose Rascon reports: The Department of Homeland Security (DHS) has released a new report looking to wrangle the different avenues in which the Federal government and its agencies report cyber incidents in a more ‘reportable’ fashion. The report, titled “Harmonization of Cyber Incident Reporting to the Federal Government” and released on Sept. 19, comes as…
Schools Are the Most Targeted Industry by Ransomware Gangs
Waqas reports that based on research by Sophos, the education sector is the most vulnerable and targeted by ransomware attacks. KEY FINDINGS 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year. Education is the most targeted industry by cybercriminals, primarily motivated by the high percentage of…
Customers of WeLeakInfo.to will receive a message from the Dutch police
The following is a machine translation of a press release from the Dutch Politie: Hundreds of (possible) buyers of stolen data have received a letter or email from the East Netherlands police, and people are also invited for a stop interview. This approach is a follow-up to an investigation from 2022. In May of that…
NYC schools are tightening cybersecurity. Some educators fear unintended consequences.
Michael Elsen-Rooney reports: Following two high-profile data breaches, New York City’s Education Department has moved to shore up its cybersecurity protocols, increasing its vetting of software vendors and tightening email access for schools and parent leaders. Because of the new protocols, the school year has started without approvals for scores of programs, including popular ones…
“I’m Not Pro-Russia and I’m Not a Terrorist!” —- InfraGard and Airbus Hacker “USDoD” Unveils His New Campaigns
The first time DataBreaches remembers hearing about the man who calls himself “USDoD” was when he posted a sales listing for member data from InfraGard. He had not only managed to acquire data on 80,000 members of an organization dedicated to protecting critical infrastructure, but his revelation of his method exposed some embarrassingly inept security…