Data breaches grow across UK education sector

IT Governance

A recent freedom of information request by chartered accountants UHY Hacker Young reveals a worrying rise in reported data breaches across the UK education sector. The highest number of breaches in 2016-17. Education education schools cyber security cyber essentials gdpr

Online education site EduCBA discloses data breach and reset customers? pwds

Security Affairs

The online education portal EduCBA discloses a data breach and is resetting customers’ passwords in response to the incident. EduCBA is a leading global provider of skill based education with 500,000+ members across 40+ Countries.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cloud computing provider Blackbaud paid a ransom after data breach

Security Affairs

Cloud software provider Blackbaud revealed to have paid crooks to decrypt its data following a ransomware attack that took place in May 2020. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Krebs on Security

In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people , many Americans no doubt felt resigned and powerless to control their information.

Fixing Data Breaches Part 1: Education

Troy Hunt

We have a data breach problem. My full written testimony is in that link and it talks about many of the issue we face today and the impact data breaches have on identity verification. That was really our mandate - understanding the impact on how we verify ourselves - but I want to go back a step and focus on how we tackle data breaches themselves. Let's get started with one I raised multiple times whilst sitting in front of Congress - education.

How to Educate Your Customers When A Data Breach Occurs

Rippleshot

Data breaches are happening more frequently and when they are occurring the number of impacted consumers is growing. Not to mention, the scope is widening as droves of sensitive data is filling the dark web for fraudsters to monetize for their next big fraud scheme.

List of data breaches and cyber attacks in February 2020 – 623 million records breached

IT Governance

The 632,595,960 breached records accounts for about a third of January’s total, and is considerably lower than the figures for this time last year. Ordinance Survey discovers breach of employee data (1,000). Altice USA employees’ data stolen in phishing attack (12,000).

Chegg discloses the third data breach in the last two years

Security Affairs

The American education technology firm Chegg discloses a security breach, it already sent notifications to its employees. The US education technology company Chegg discloses a security breach that took place in early April, the firm already sent notifications to its employees.

Thinkful forces a password reset for all users after a data breach

Security Affairs

The online education platform for developers Thinkful suffered a security breach and is notifying the incident to its customers requiring them to reset their passwords. ” reads the data breach notification sent by the company.

List of data breaches and cyber attacks in August 2019 – 114.6 million records leaked

IT Governance

At first glance, August has been a quiet month for data breaches, with a total of 114,686,290 breached records. But that figure comes from 95 incidents in total, which is the highest number of breaches we’ve had all year. Data breaches.

How should you investigate a data breach?

IT Governance

Digital Guardian recently asked a group of cyber security experts what the most important step is following a data breach. So how should you approach a data breach investigation? You should therefore approach data breaches in the same way police tackle physical crime.

A 6-step guide to surviving data breaches

IT Governance

Any day during which you find out that you’ve been breached will be bad. Under the GDPR (General Data Protection Regulation) , organisations have 72 hours from the moment they become aware of a breach to report the incident. They can do this either by email or telephone, but it’s not as simple as saying “we’ve been breached”. Disclosing a breach promptly can save organisations a significant amount of money and enable those affected to secure compromised accounts.

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law. Security Breach Notice Act. Student Data Privacy. Security Breach U.S.

Personal data breaches in schools, to report or not to report?

IT Governance

Under the GDPR, all personal data breaches need to be recorded by the organisation and there should be a clear and defined process for doing so. In some circumstances, breaches also need reporting to the ICO (Information Commissioner’s Office) and within 72 hours of their discovery.

The enemy within: three types of employees that cause data breaches

IT Governance

Negligent employees are the leading cause of data breaches at small and medium-sized businesses across North America and the UK, according to a recent study from Keeper Security. Education is prevention. BreachReady Breaches and Hacks data breach Data breaches

UEA suffers data breach blunder

IT Governance

The University of East Anglia (UEA) has suffered a data breach after an email containing sensitive medical information about a staff member was sent to about 300 students. This is the second breach in five months for UEA, both of which were reported to have been caused by human error.

Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach

Hunton Privacy

The sanction was imposed following a data breach that took place between April 2016 and July 2017 that the banking institution notified to the Garante at the end of July 2017.

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Security Affairs

billion data records have been exposed in data breached in the first half of 2018. According to a new report titled “ Mid-Year 2018 Data Breach QuickView ” published by the cyber threat intelligence company Risk Based Security some 2.6.

Melbourne professor quits after health department pressures her over data breach

The Guardian Data Protection

In 2016, Vanessa Teague, a cryptographer from the University of Melbourne, and two of her colleagues reported on a dataset , published on an open government data website by the federal government, of 2.5m

Sign up for the new education sector email updates

IT Governance

To support the wider education sector with data protection and cyber security, we are launching a sector specific email newsletter and blog series. More about our education sector products and services.

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

IT Governance

July was bound to be a bounce-back month, but we couldn’t have expected the frighteningly high total of 2,266,042,039 breached records. Philadelphia Federal Credit Union confirms security breach (unknown). State-sponsored hackers breach Greece’s top-level domain registrar (unknown).

Prepare for a healthcare data breach this summer

IT Governance

You’ll no doubt be taking measures to protect yourself against sunburn, but don’t forget that your organisation needs to apply its own SPF (security protection factor) to protect itself from data breach damage. Data breach statistics. Data breaches and the GDPR.

Fixing Data Breaches Part 3: The Ease of Disclosure

Troy Hunt

This week, I've been writing up my 5-part guide on "Fixing Data Breaches" On Monday I talked about the value of education ; let's try and stop the breach from happening in the first place. It's "random people" who found your data exposed to the world!!!

Inside CUNA's 'Stop The Data Breaches' Congressional Push

Rippleshot

As we approach the 10th month of the year, it's clear that 2019's data breach statistics will once again be one for the record books. Congress to pass meaningful data security legislation.

List of data breaches and cyber attacks in May 2019 – 1.39 billion records leaked

IT Governance

The cyber security story for May 2019 is much the same as it was last month, with one mammoth breach raising the monthly total. which breached sixteen years’ worth of insurance data. That incident accounted for more than 60% of all of May’s breached records. Hackers steal card data from 201 online campus stores in US and Canada (unknown). Binance breached as hackers steal £38 million in bitcoin (unknown). Data breaches.

10 Steps for Data Breach Prevention in the Workplace

Archive Document Data Storage

UK businesses face unprecedented levels of data security threats. How are you protecting your corporate data? Here are ten steps for reducing your data breach exposure: 1. You can’t protect your data without knowing where it’s stored. Locate your document and data storage repositories. A team of dedicated indexing specialists will categorise and label your documents and data so you have a full account of your information.

Mapping the threat: an insight into data breaches across Europe

Thales eSecurity

According to Thales eSecurity’s latest Data Threat Report, European Edition , almost three in four businesses have now fallen victim to some of the world’s most significant data breaches, resulting in a loss of sensitive data and diminished customer trust. Data security

Fixing Data Breaches Part 5: Penalties

Troy Hunt

In the first 4 parts of "Fixing Data Breaches", I highlighted education , data ownership and minimisation , the ease of disclosure and bug bounties as ways of addressing the problem. It was inevitable that we'd eventually end up talking about penalties though because the fact remains that although all the aforementioned recommendations make perfect sense, we're still faced with data breaches day in and day out from companies just not getting the message.

List of data breaches and cyber attacks in January 2018

IT Governance

If you’d like a more regular update of breaches and cyber attacks, I strongly suggest subscribing to our Daily Sentinel. Idaho school works to recover data weeks after cyberattack. Hospital pays $55,000 ransom; no patient data stolen. Data breaches.

University fundraising under scrutiny after data breach allegations

The Guardian Data Protection

Information Commissioner to look at evidence of wealth screening of former students before approaches made for donations University fundraising is to be examined by the Information Commissioner after allegations emerged that the personal data of some alumni was being misused. Elizabeth Denham has committed to look at evidence which allegedly shows UK universities belonging to the Russell Group sent former students’ data to firms for wealth screening before approaching them for donations.

What have the ICO said about data breach?

Privacy and Cybersecurity Law

The ICO have been discussing data breach reporting under GDPR in a new webinar. Here are the key points: GDPR introduces mandatory breach reporting. Don’t forget about integrity and availability breaches (e.g. … Data Breach United Kingdom

Fixing Data Breaches Part 4: Bug Bounties

Troy Hunt

Over the course of this week, I've been writing about "Fixing Data Breaches" which focuses on actionable steps that can be taken to reduce the prevalence and the impact of these incidents. I started out by talking about the value of education ; let's do a better job of stopping these incidents from occurring in the first place by avoiding well-known coding and configuration flaws. The Economics of Breaches and Bug Bounties. Fixing Data Breaches Security

5 Ways to Protect Your Small Business from a Data Breach

Archive Document Data Storage

Small businesses are just as vulnerable to data breaches as big corporations. But for many small business owners, investing in breach prevention measures is an afterthought. In this blog, we offer five cost-effective strategies to protect your small business from a data breach. Negligent document disposal habits increase your organisation’s data breach exposure. It’s not just your online data that’s at risk. Educate Your Employees.

List of data breaches and cyber attacks in January 2018

IT Governance

If you’d like a more regular update of breaches and cyber attacks, I strongly suggest subscribing to our Daily Sentinel. Idaho school works to recover data weeks after cyberattack. Hospital pays $55,000 ransom; no patient data stolen. Data breaches.

Key takeaways from the 2019 Verizon Data Breach Investigations Report

IT Governance

Verizon’s annual DBIR (Data Breach Investigations Report) is among the most valuable studies in the security industry, so the release of the 2019 edition this week is cause for celebration. Unfortunately, the reports don’t speculate on possible interpretations of the data, leaving that to independent experts. Financially-motivated social engineering attacks are behind 12% of all breaches analysed.

Fixing Data Breaches Part 2: Data Ownership & Minimisation

Troy Hunt

Yesterday, I wrote the first part of this 5-part series on fixing data breaches and I focused on education. The next few parts of this series all focus on cures - how do we fix data breaches once bad code has already been written or bad server configurations deployed? In part 2 of the series, I want to talk about data ownership and minimisation and this is all about reducing the impact on individuals and organisations alike when things do go wrong.

Records for 7.5 million users of the digital banking app Dave leaked online

Security Affairs

Digital banking app Dave.com discloses a security breach after the known threat actor ShinyHunters leaked 7 million user records on a crime forum. According to ZDNet , the security breach originated on the network of a former business partner, Waydev.

TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

Security Affairs

– Database contains emails, password hashes, names pic.twitter.com/CZTYImj6jA — Under the Breach (@underthebreach) May 2, 2020. ZDNet confirmed the authenticity of the leaked data.

Free Webcast 4/14 at Noon Central: “Cybersecurity and IG” via ARMA Dallas

IG Guru

Business Cloud Education IG News Information Destruction Information Governance information privacy information security Privacy Record Retention Security Webinar ARMA Dallas Breach Cybersecurity Data Breach Webcast

4 of the 5 top causes of data breaches are because of human or process error

IT Governance

Although data breaches as a result of cyber attacks get all the press, it is often negligence or a lack of basic processes, policies and procedures that result in data breaches. Data posted or faxed to incorrect recipient – 90 incidents.