Claire McInerny reports: The U.S. Department of Education (USED) sent a letter to Superintendent Jennifer McCormick this month outlining problems with the Indiana Department of Education’s security around student data. The state receives grant money from USED for implementing security systems, which opened the state up to an audit. According to the USED letter, the audit’s “objective…
Category: U.S.
The Government Has Finally Stopped Publicizing Abuse Victims’ Personal Information
P.R. Lockhart reports: Almost two months after revelations that the government had posted personal information of undocumented victims of abuse in a publicly searchable database, US Customs and Immigration Enforcement says that it has corrected the issue. In May, Mother Jones reported that the names of undocumented abuse victims were searchable in the Department of Homeland Security’s…
Lucchese computer hacker sentenced to 18-months in federal prison
Andra Litton has the follow-up to a case previously noted on this site: A disgruntled ex-employee of Lucchese Boots was sentenced to 18-months in federal prison and ordered to pay $57,396.76 in restitution Wednesday after pleading guilty to one count of transmission of a program to cause damage to a computer. The computer breach happened…
Dow Jones Data Leak Results from Amazon AWS Configuration Error
Kelly Sheridan reports: A data leak at Dow Jones & Co. exposed the personal information of millions of customers after a public cloud configuration error. This marks the fifth major public cloud leak in the past several months after similar incidents affected Verizon, the WWE, US voter records, and Scottrade. This mistake compromised millions of…
Schools’ information up for sale on darknet?
Another listing I stumbled across while browsing what’s for sale on the darknet offered emails from what the seller claimed are .edu, dadeschools.net, and k12.wi.us, among other sources. The vendor, “dnu2k,” was asking $16.94 and claimed to have “Only 1 in stock!” I contacted the vendor to try to obtain more information, and (s)he replied that…
Veterans Administration responds to Freedom of Information request; releases breach reports
So what did we miss because the Veterans Administration stopped posting their monthly breach reports to Congress on their web site? DataBreaches.net filed a Freedom of Information request on June 7, and the VA has responded by providing all of the requested monthly reports for the period May, 2016 – June 7, 2017. As an…