One of the recurring themes in this site’s blog posts this year has been the fact that way too many entities not only store old data, but fail to secure it or protect it adequately from malware attacks or other attacks. Today’s unhappy example comes to us from Apollo Career Center (“Apollo”), an adult education…
Category: U.S.
A rough week for Missouri teachers who are notified of not one, but two separate incidents
The Public School and Education Employee Retirement Systems of Missouri has notified 349,246 employees and retirees of a security incident that occurred on September 11. According to their notification letter, an employee’s email account was accessed by an unauthorized individual for less than one hour on that date before IT disabled the account after being…
US govt reveals three more ransomware attacks on water treatment plants this year
Catalin Cimpanu reports: Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA. The attacks —which had been previously unreported— took place in March, July, and August and hit facilities in Nevada,…
Convicted SUNY Plattsburgh hacker’s sentencing adjourned, counsel seeks expert services
Fernando Alba of The Press-Republican reports: Convicted hacker and SUNY Plattsburgh alumnus Michael P. Fish’s sentencing has been adjourned again Thursday. Fish’s attorney asked for a 60-day extension to complete court approved expert witness services requested in August, according to court documents. Fish pleaded guilty to aggravated identity theft, computer intrusion and child pornography possession…
Williamsville School employees’ private health data inadvertently leaked by Independent Health
WGRZ reports: Independent Health said Friday that the names, member ID numbers and medical information for over 500 Williamsville School District employees were accidentally released to stop loss carriers and brokers. The inadvertent breach took place between August 2019 and August 2021 and was discovered during a regular safety and security review. It did not…
Missouri Teachers’ Social Security numbers at risk on state agency’s website; state’s response is to shoot the messenger?
Josh Renaud reports: The Social Security numbers of school teachers, administrators and counselors across Missouri were vulnerable to public exposure due to flaws on a website maintained by the state’s Department of Elementary and Secondary Education. The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials…