NRW.social

Doug LevinHackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw <a href="https://securityaffairs.com/88696/breaking-news/llucian-banner-web-flaw.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/88696/breaking-news/llucian-banner-web-flaw.html</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@PogoWasRight</a> <a href="https://infosec.exchange/@boblord" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@boblord</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Doug LevinCanada: Data breach hacks hole in UCDSB budget <a href="https://www.pentictonherald.ca/spare_news/article_3be96274-0b48-53f6-a7d1-0ff4c4964165.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.pentictonherald.ca/spare_news/article_3be96274-0b48-53f6-a7d1-0ff4c4964165.html</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@PogoWasRight</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Dissent Doe :cupofcoffee:Smiley calls for data sharing once Providence gets its schools back from state: <a href="https://www.newsbreak.com/rhode-island-current-1641157/3961849375333-smiley-calls-for-data-sharing-once-providence-gets-its-schools-back-from-state" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.newsbreak.com/rhode-island-current-1641157/3961849375333-smiley-calls-for-data-sharing-once-providence-gets-its-schools-back-from-state</a>Direct link to Providence's plan: <a href="https://www.providenceri.gov/wp-content/uploads/2025/04/Providence-PPSD-Transition-Plan.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.providenceri.gov/wp-content/uploads/2025/04/Providence-PPSD-Transition-Plan.pdf</a> Pages 51-56 seem to be about data management. <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/DataProtection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataProtection</a> <a href="https://infosec.exchange/tags/DataSharing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataSharing</a> <a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://journa.host/@mkeierleber" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mkeierleber</a>

Dissent Doe :cupofcoffee:Fall River schools chief: No insurance for cyberattack; says computer system remains down:<a href="https://www.heraldnews.com/story/news/2025/04/08/fall-river-schools-cyberattacked-chief-says-no-insurance/83000021007/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heraldnews.com/story/news/2025/04/08/fall-river-schools-cyberattacked-chief-says-no-insurance/83000021007/</a><a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/insurance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#insurance</a>

Doug LevinCould Trump Budget Cuts Lead to More Cyberattacks Against Schools? (tl;dr YES) <a href="https://archive.ph/GaGhr" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://archive.ph/GaGhr</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@PogoWasRight</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Doug LevinSensitive data was leaked in 2024 Highline Public Schools ransomware attack <a href="https://www.seattletimes.com/education-lab/sensitive-data-was-leaked-in-2024-highline-public-schools-ransomware-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.seattletimes.com/education-lab/sensitive-data-was-leaked-in-2024-highline-public-schools-ransomware-attack/</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@PogoWasRight</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Doug LevinWhile many are focused on ransomware, BEC scammers have been going to town vs. US K-12: "More than $846K stolen from Florida school district in fraud scheme: CCSO" <a href="https://www.fox13news.com/news/more-than-846k-stolen-from-florida-school-district-fraud-scheme-ccso" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.fox13news.com/news/more-than-846k-stolen-from-florida-school-district-fraud-scheme-ccso</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@PogoWasRight</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Doug Levin"It would be built with top security protocols to make hacking unlikely, they said. Only select personnel — school administrators, mental health specialists and police — would have access to the information. The system would likely cost more than $10 million a year, with GEMHSA recommending that data be maintained until former students reach age 25." <a href="https://www.onlineathens.com/story/news/politics/state/2025/03/25/georgias-hb-268-unique-in-its-breadth-of-changes-to-stop-school-shooters/82646509007/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.onlineathens.com/story/news/politics/state/2025/03/25/georgias-hb-268-unique-in-its-breadth-of-changes-to-stop-school-shooters/82646509007/</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a>

Doug LevinThis is a sick new twist: "Law enforcement presence planned at Putnam County school after ransomware attack" <a href="https://wchstv.com/news/local/law-enforcement-presence-planned-at-putnam-county-school-after-ransomware-attack" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://wchstv.com/news/local/law-enforcement-presence-planned-at-putnam-county-school-after-ransomware-attack</a> <a href="https://infosec.exchange/tags/edtech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edtech</a> <a href="https://infosec.exchange/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@PogoWasRight</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a>

Dissent Doe :cupofcoffee:Takeaways from our investigation on AI-powered school surveillance. The AP and Seattle Times teamed up on this investigation. From their overview: "But these tools raise serious questions about privacy and security. In fact, when The Seattle Times and The Associated Press partnered to investigate school surveillance, reporters inadvertently received access to almost 3,500 sensitive, unredacted student documents through a records request. The documents were stored without a password or firewall, and anyone with the link could read them."Read more at <a href="https://apnews.com/article/ai-school-chromebook-surveillance-gaggle-investigation-takeaways-381fa82978f27eb85f20d03236820711" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://apnews.com/article/ai-school-chromebook-surveillance-gaggle-investigation-takeaways-381fa82978f27eb85f20d03236820711</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a> <a href="https://infosec.exchange/tags/surveillanvce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#surveillanvce</a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Andreas HeilAktueller Eintrag auf der Cyberangriffkarte: Universität der Bundeswehr München <a href="https://aheil.de/edusec/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://aheil.de/edusec/</a> <a href="https://chaos.social/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://chaos.social/tags/cyberangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberangriff</a> <a href="https://chaos.social/tags/hackerangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackerangriff</a> <a href="https://chaos.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://chaos.social/tags/opsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opsec</a>

Andreas HeilEndlich mal wieder ein Sicherheitsvorfall hinzugefügt: HöMS, Februar 2024 <a href="http://aheil.de/edusec" rel="nofollow noopener noreferrer" translate="no" target="_blank">http://aheil.de/edusec</a> <a href="https://chaos.social/tags/edusec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edusec</a> <a href="https://chaos.social/tags/cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyber</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> What do you think about this report out of Umatilla? Is this PowerSchool or something unrelated? If they just discovered a breach this week?<a href="https://www.vpnranks.com/news/umatilla-schools-data-breach-exposes-student-records/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.vpnranks.com/news/umatilla-schools-data-breach-exposes-student-records/</a><a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a>

Dissent Doe :cupofcoffee:Here's another Canadian school that had decades of student data caught up in the PowerSchool breach:Wellington Catholic District School Board: <a href="https://www.wellingtonadvertiser.com/cybersecurity-breach-involves-29-years-of-catholic-school-board-data/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.wellingtonadvertiser.com/cybersecurity-breach-involves-29-years-of-catholic-school-board-data/</a><a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerSchool</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/legacydata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#legacydata</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> American School of Dubai mentioned as having been affected: <a href="https://www.dmnews.com/school-districts-worldwide-impacted-by-powerschool-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.dmnews.com/school-districts-worldwide-impacted-by-powerschool-breach/</a><a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerSchool</a>

Dissent Doe :cupofcoffee:I must have missed something. I thought PowrerSchool hit US and Canada. It also hit some Bermuda schools? <a href="https://www.royalgazette.com/education/news/article/20250119/details-given-on-school-security-breach/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.royalgazette.com/education/news/article/20250119/details-given-on-school-security-breach/</a>"Ms Richards said the company confirmed the breach included “data from some Bermuda public schools families and teachers”."<a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/Powerschool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Powerschool</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://journa.host/@mkeierleber" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mkeierleber</a> So I could be wrong, but I think the only way they may be able do that for minor kids who don't have a credit report already is to have Experian create a credit report for the minor which they then monitor. So now your kid has a credit report, which they never should have had as a minor, and what happens after two years when Experian stops monitoring it? Has anyone asked them about that? <a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerSchool</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a>

Dissent Doe :cupofcoffee:Well, smart move by PowerSchool on this: "PowerSchool will be offering two years of complimentary identity protection services for all students and educators whose information was involved and will also be offering two years of complimentary credit monitoring services for all adult students and educators whose information was involved. We are doing this regardless of whether an individual’s Social Security Number was exfiltrated."<a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a> <a href="https://journa.host/@mkeierleber" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mkeierleber</a> <a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerSchool</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

Dissent Doe :cupofcoffee:Dear Diary,Another day has gone by and PowerSchool still doesn't have any dedicated webpage or website linked from their home page about the data breach. Where is all that helpful info they promised everyone? I asked their PowerBot where their update page on the breach is. Here's PowerBot's response, below. And no, there is nothing on the page PowerBot pointed to that has anything on the breach at all.<a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerSchool</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a>

Dissent Doe :cupofcoffee:Two ransomware groups claimed they attacked Rutherford County Schools. in Tennessee. One leaked sensitive records.I skimmed the data tranche and found tens of thousands of files with sensitive student information and personnel files. Read more about it here:<a href="https://databreaches.net/2025/01/07/two-ransomware-groups-claimed-they-attacked-rutherford-county-schools-one-leaked-sensitive-records/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://databreaches.net/2025/01/07/two-ransomware-groups-claimed-they-attacked-rutherford-county-schools-one-leaked-sensitive-records/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/ransom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ransom</a> <a href="https://infosec.exchange/tags/EduSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EduSec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@douglevin</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@brett</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@funnymonkey</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#edusec