At a glance.
- NetWalker adds Columbia College Chicago to its list of victims.
- University of Utah Health discloses patient data breach.
- Privacy issues surrounding online voting.
NetWalker adds Columbia College Chicago to its list of victims.
A NetWalker infestation has been reported at Columbia College Chicago, which now joins the University of California San Francisco and Michigan State University among the victims of this particular strain of ransomware, the Columbia Chronicle reports. As is now customary, the ransomware operators have not only encrypted college files, but have also threatened to release student and faculty data.
University of Utah Health discloses patient data breach.
On Friday the University of Utah Health announced that it's determined the cause of unauthorized access to patient data third-parties obtained between April 6th and May 22nd. The data breach, the Deseret News reports, was accomplished by phishing university employees. So far the organization says it's seen no signs of the exposed data having been misused, but it's continuing to notify affected patients.
Privacy issues surrounding online voting.
Remote voting online has been used in some US states’ primaries, and may see some limited use in November’s general elections. Delaware, West Virginia, and New Jersey plan to use Democracy Live’s OmniBallot platform, but researchers at MIT and the University of Michigan report that OmniBallot “represents a severe risk to election security and could allow attackers to alter election results without detection.”
OmniBallot isn’t new, researchers Michael A. Specter and J. Alex Halderman write. It’s “ long been used to let voters print ballots that will be returned through the mail.” What’s new this year, they say, is its use for filing ballots online. The three states are using it differently. New Jersey has decided to make online voting available to voters with certain disabilities, and it’s treating that limited availability as a pilot that could be expanded if the need arose. West Virginia lets the disabled, military voters, and West Virginia citizens overseas to vote online with OmniBallot. Delaware is making the most expansive use of the system. As Specter and Halderman write, online voting will be an option to anyone who’s sick, self-quarantining, or engaging in social distancing, which as a practical matter includes close to everyone in the state.
The researchers see four problems with the system.
- Second, the version of the ballot marking mechanism that’s being used in Delaware in particular sends the voter’s identity and ballot selections to Democracy Live, even if the voter opts to print the ballot and mail it in. This, the researchers say, needlessly places ballot secrecy at risk.
- Third, even where OmniBallot is used only to deliver blank ballots, the researchers find that the ballots could be misdirected or altered in ways that would cause them to be counted incorrectly. Election officials could mitigate these risks, but only with the expenditure of considerable effort, and in conducting “rigorous post-election audits.”