Scott Travis reports: Hackers who demanded up to $40 million from the Broward School District have now published nearly 26,000 files stolen from district servers. An initial review by the South Florida Sun Sentinel found a few isolated incidents where confidential student or employee information was released, but none that contained Social Security numbers. The…
AU: Service NSW kept victims in dark after hackers stole personal data
Jess Malcolm reports: The NSW government has deliberately failed to inform tens of thousands of people that their personal information was stolen in a cyber security attack on Service NSW employee emails, as the agency says it has no obligation to notify affected customers. Documents obtained by The Australian show Service NSW decided not to…
School system mistakenly releases names of students, staff with COVID
Jim McConnell reports: The local school system failed to properly redact personal information from a document requested through the Virginia Freedom of Information Act, inadvertently releasing to a parent last week the names of all Chesterfield County Public Schools students and employees who have reported testing positive for COVID-19. Chesterfield resident Grace Olsen, the mother…
Social-Media Data Leaks Draw Scrutiny From European Regulators
Catherine Stupp reports: Facebook Inc., Clubhouse and Microsoft Corp.’s LinkedIn have stressed that recently reported data leaks involved information from public user profiles, not from security breaches. In the European Union, where privacy laws require businesses to protect even publicly available personal data, that distinction may not relieve them of responsibility. Read more on WSJ.
Cyber agency asks Indian FB users to enhance account privacy after global data leak
The Tribune reports: Country’s cyber security agency CERT-In has advised Facebook users to strengthen their account privacy settings after a recent global ‘data scraping’ incident in the social media platform was detected that affected about 61 lakh Indians. “As the Facebook platform evolves and grows, parts of your account could be public. Data could also…
Brit authorities could legally do an FBI and scrub malware from compromised boxen without your knowledge
Gareth Corfield comments: UK authorities could lawfully copy the FBI and forcibly remove web shells from compromised Microsoft Exchange server deployments – but some members of the British infosec industry are remarkably quiet about whether this would be a good thing. In the middle of last week the American authorities made waves after deleting web shells…