Jan 172019

Erik White reports:

Nearly two years after the Friday night when he decided to test out the computer system at Laurentian University, Spencer Brydges pleaded guilty Wednesday in a Sudbury courtroom.

Back in 2017, the comptuer science student was surprised that he could access the personal information of professors and other students.

Brydges then reported the flaw in the system to Laurentian University, which responded by shutting down its system, banning him from campus and calling Sudbury police.

Read more on CBC.  The judge sentenced him to  12 months probation and 25 hours of community service. It doesn’t mention whether his record will be wiped clean at the end.

Jan 112019

Hank Tester reports:

A major investigation is underway at a South Florida high school into just that.

Three students are suspected of breaking into Flanagan High School’s computer system to boost their classmates’ grades, but only those who paid.

“They are like 18,” said student Valaria Delgado. “They could go to jail. That’s like hacking.”

“Like hacking?” No, it *is* hacking. They seem to have gotten hold of a teacher’s passcode.

Read more on CBS.


Jan 102019

Dark Reading staff report:

Google is ramping up the G Suite with new security alerts designed to notify administrators of Gmail phishing attacks and intruders’ data exfiltration processes.

Only admins are affected by the G Suite changes, which also include a new alert deletion option and a link to audit logs for G Suite Business and Basic domains, Google explains in a blog post, according to the company. Phishing alerts will generate notifications for suspicious looking emails in Gmail inboxes; admins in G Suite Enterprise domains can investigate them and, if necessary, remove bulk messages.

Read more on Dark Reading.

Jan 102019

Jeanette Boner provides an update on a breach previously noted on this blog.

Teton School District Superintendent Monte Woolstenhulme said at Monday’s meeting that he was made aware at 2:30 p.m. that afternoon from the FBI that $484,000 of the $784,000 lost to fraud will likely be recovered.

In a tearful report, Woolstenhulme “deeply apologized” to the community adding that he was “devastated,” “angry” and “hurt” over the case that found more than three quarters of million dollars in bond funding sent to fraudulent bank account.

The Monday meeting was set as a work meeting to discuss student achievement measures, but after a public push to set a designated time to discuss the fraud case, the school board opened the meeting up at 6 p.m. to 13 members of the public and more than 80 live-viewers who watched as the meeting was streamed through the district Facebook page.

Community members struggled to understand how, even after a 2017 email fraud that drained the district of $20,000, could this happen to the district again.

Read more on Teton Valley News.

Jan 102019

Betsy Foresman reports:

Bridgeport Public Schools, a K-12 district in Connecticut about 40 miles northeast of the Bronx, became infected by ransomware on Friday, Jeffrey Postolowski, director of technology services, confirmed to EdScoop.

First reported by the Connecticut Post, the cyberattack originated from a virus dispatched by a malicious outsider and has encrypted district data to hold it hostage for a ransom. The district has not stated the amount of the ransom or whether it will pay it rather than take steps to decrypt the locked data itself. The district superintendent’s office did not respond to an email requesting answers to these questions.

Read more on EdScoop.