Nader Issa and Lauren FitzPatrick report: A massive data breach has exposed four years’ worth of records of almost 500,000 Chicago Public Schools students and nearly 60,000 employees, district officials told principals Friday. The attack targeted a company that has a no-bid contract with the district for teacher evaluations and involved basic student and staff…
Category: Subcontractor
2022 DSIR Deeper Dive: Vendor Incidents
Stefanie Ferrari of BakerHostetler writes: Vendor-caused incidents continued to surge in 2021. Nearly 20 percent of the total incidents we handled last year were caused by vendors, with more than half requiring notification. As in prior years, vendor incidents involved phishing schemes and inadvertent disclosures but primarily resulted from ransomware attacks on the vendors’ systems….
Cyberattack at Opus Interactive knocks Ruby Receptionists offline, disrupting service for thousands
Mike Rogoway reports: Ruby Receptionists, the Portland company that serves as a phone receptionist for thousands of small businesses, has suffered a major outage that knocked it offline all week. One of Ruby’s online vendors was hit by a cyberattack that left the company unable to accept any incoming calls or online messages, CEO Kate…
Omnicell reveals ransomware incident in SEC filing
From their May 9 10-Q filing: Our IT systems and third-party cloud services are potentially vulnerable to cyber-attacks, including ransomware, or other data security incidents, by employees or others, which may expose sensitive data to unauthorized persons. On May 4, 2022, we determined that certain of our information technology systems were affected by ransomware impacting…
Cyber attack prompts security response by Oregon secretary of state
KTVZ reports: A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state’s online campaign contribution reporting system change their passwords, but Sectary of State Shemia Fagan stressed late Monday that the agency’s systems have not been hacked. […] The Oregon Elections Division learned…
Another school district notifies parent of Illuminate breach
Natalie Chuck reports that another district in Colorado has sent letters to parents about the breach at Illuminate Education that impacted more than 820,000 students in New York City as well as 24 other districts and 18 charter schools in NY: Someone, somewhere knows details about thousands of students in southern Colorado after a data…