Michael Elsen-Rooney reports: Following two high-profile data breaches, New York City’s Education Department has moved to shore up its cybersecurity protocols, increasing its vetting of software vendors and tightening email access for schools and parent leaders. Because of the new protocols, the school year has started without approvals for scores of programs, including popular ones…
K–12 IT Administrators Encounter Additional Security Controls for Users Under 18
Rebecca Torchia reports: Following the shift to incorporate more online and digital learning, schools leaned into the adoption of educational software products and applications. Many of these applications tracked student data, with data collection being the primary driver of some applications’ use in schools, as educators found value in tools that could analyze students’ progress. In other cases,…
Law Firm Accused of Waiting More Than a Year to Inform Affected Parties About Data Breach
Riley Brennan reports: Los Angeles-based law firm Hill, Farrer & Burrill was slapped with a data breach class action over allegations it detected a data breach in March 2022 but waited over a year to inform affected individuals their personal information had been leaked. […] According to the complaint, Hill Farrer determined that cybercriminals gained…
Visiting Physician’s Network in Texas silent about ransomware attack and incident response
One of the newer ransomware groups to open a leak site is “ThreeAM.” Bleeping Computer recently reported that the ThreeAM malware is written in Rust, and on at least one occasion, researchers discovered that when LockBit failed, ThreeAM (aka 3AM) was successfully deployed. Symantec has more details on the malware and the group’s methods. ThreeAM…
More victims of MOVEit breach are revealed: Nuance discloses for covered entities (UPDATE 1)
Add yet one more business associate to those affected by the Clop attack on Progress Software MOVEiT. Nuance has disclosed that it was affected by the May attacks. Although no number was revealed, the Microsoft-owned technology firm stated it was disclosing on behalf of: Atrium Health, the Charlotte-based health care system giant. Catawba Valley Medical…
Cyberattack on a Breton municipality: private data released
The following is a Google translation of a post originally published in French by Europe1 with AVP: The town of Betton (Ille-et-Vilaine), close to Rennes, was the victim of a cyberattack by hackers who disseminated personal data due to the municipality’s refusal to pay a “ransom”, according to corroborating sources. The “ransomware” attack was committed…