On May 12, 2022, Vicksburg-Warren School District in Mississippi issued a breach notification. Its explanation begins, “On or around May 28, 2021, VWSD detected unusual activity within its digital environment.” Investigation revealed that files with personal information “may have been accessed or acquired.” The “may have been” seems a bit vague given that threat actors calling…
UK: Central Bedfordshire Council leaked special educational needs students’ personal details
It’s a council two-fer today it seems when it comes to breaches of students’ information. First we had the Cornwall Council item. Now we learn about how Central Bedfordshire Council leaked the details of ‘dozens and dozens’ of special educational need (SEND) pupils. The council leaked the details when responding to a Freedom of Information (FOI)…
Ca: Elgin data breach ‘devastating’ for victims; county not transparent about incident – Cavoukian
Norman de Bono reports: Personal information for 330 people, some of it highly sensitive, was compromised by a “cyber-security incident” that knocked out Elgin County’s website and email system for nearly a month, the county said. Personal and employment information for county employees and some long-term care residents and former residents was dumped into the…
UK: Cornwall Council Data Breach
The Cornwall council accidentally published the personal details of five schoolchildren in publicly accessible meeting documents. Cornwall Council has apologized for the data breach, including their names, addresses, and dates of birth. It made the error when it published online documents for a meeting of its School Transport Appeals Committee. Source: InformationSecurityBuzz.
Conti abandons all pretense at professionalism, issues increasingly strident threats as Costa Rica struggles
Conti ransomware actors have created a national emergency in Costa Rica, where the government declared a state of emergency. Multiple government agencies have reportedly been impacted by an attack in April and the government’s refusal to pay the ransom demands. Kevin Collier of NBC reported: The official declaration, published on a government website Wednesday, said that the attack…
How to Fight Foreign Hackers With Civil Litigation
Kellen Dwyer, Kim Peretti, and Emily Skahill of Alston & Bird write: The Department of Justice dealt a blow to global cybercrime on April 6 with the takedown of a massive botnet controlled by “Sandworm”—the Russian General Staff Main Intelligence Directorate (GRU) unit responsible for the 2017 NotPetya attack, among others. This operation reflects the…