Brandon Lingle really laces into Judson ISD over their incident response and transparency in the wake of a June ransomware incident. It appears that the district paid an undisclosed amount of ransom to unidentified threat actors, but it’s not clear what they got for that ransom payment. It was a month before phone and...
When, if ever, will there be actual consequences for school districts that still do not practice basic security hygiene? Comptroller DiNapoli has released yet another k-12 district IT audit where the are results so bad that they won’t make them public. From the state’s summary: Audit Objective Determine whether Mount Pleasant Central School District...
Kathleen Moore reports: Emma Willard School has been dealing with a ransomware attack that struck the school last week, school Head Jennifer Rao said in a letter to the school community. Personal financial information for some members of the Emma Willard community was stolen. Employees’ Social Security numbers were also taken, she said in...
On July 15, New York State Comptroller Thomas P. DiNapoli released the following school district audits. Clicking on the links will take you to the fuller reports, but even then, some things were so bad, it seems, that findings were told to the districts, but not put in writing in public reports that threat...
Amy Friedenberger reports Virginia Tech was the target of two cyberattacks recently. The most recent attack was part of the Kaseya incident. An earlier attack in May reportedly involved an attempt to encrypt the university’s server. In neither case was there any evidence of data exfiltration. Read more on The Roanoke Times.
School districts continue to be low-hanging fruit for threat actors. While Grief threat actors hacked and then dumped data from Clover Park School District in Washington, Booneville School District in Mississippi, and Lancaster ISD in Texas, Vice Society hacked and then dumped data from Whitehouse ISD, also in Texas. On June 28, DataBreaches.net emailed...
Clover Park School District in Washington state is only one of several k-12 districts recently attacked by threat actors calling themselves “Grief.” The same threat actors also attacked Booneville School District in Mississippi and Lancaster Independent School District in Texas. Note that DataBreaches.net has no information or confirmation to indicate whether either of the...
Denette Wilford reports: A high-schooler in Connecticut allegedly hacked into his school’s computer database, so he could put a quote from Adolf Hitler into a yearbook. The incident happened in May, when the 18-year-old student at Glastonbury High School popped a Hitler quote underneath the photo of a classmate, police said. Read more on...
Kate Evans reports: Morgan County Schools was one of many victims of a massive Fourth of July weekend ransomware attack that struck businesses and agencies nationally and around the globe. A Russian-based hacker group initially demanded $70 million to stop the cyberattack. School Superintendent Kristen Tuttle said at a July 6 school board meeting...
Education Industry at Higher Risk for IT Security Issues Due to Lack of Remote and Hybrid Work Policies