Quinlan Bentley reports:
Cincinnati State Technical Community College says a cybersecurity breach potentially exposed personal information stored on its network.
The Clifton-based college detected unauthorized access to the network on Nov. 2 and an investigation was launched in consultation with outside cybersecurity professionals, according to a notice posted to Cincinnati State’s website on Friday.
Read more at Cincinnati.com.
Note that this was a Vice Society attack and Vice dumped the data. Disturbingly, the college’s notice makes no mention of the fact that the data were actually dumped and made freely available. Did they tell those affected that, or did they just claim they were notifying them “out of an abundance of caution?” When are regulators going to require more transparency so that victims are informed that their data has been leaked publicly?