At a glance.
- Student COVID data breached at Chico State.
- Online voyeur cops a guilty plea.
Student COVID-19 vaccination exemption requests exposed.
The Mercury News reports that a data breach exposed the COVID-19 vaccination exemption requests of college students in the US state of California. Chico State University requires students and faculty to be vaccinated in order to attend, but students with an approved religious exemption can bypass the requirement. Info pertaining to one hundred thirty students’ exemption requests was posted anonymously on an internet message board, seemingly with the intent of providing others with tips on how to ensure their request is approved. Not only were the details and approval status of the requests published, but many of the records included the names and contact information of the students in question. “Students’ medical and religious exemption requests are protected information,” the school confirmed in an official statement. “We are aware of the documents posted online and circulated among the media. We are investigating this incident, while also taking a number of proactive steps to protect students’ confidential information.”
A picture imperfect crime? (But at least they got the guy.)
A man in the US state of California has been arrested for orchestrating an online nude photo theft ring. The Los Angeles Times explains that Hao Kuo Chi (also known by the fitting handle “icloudripper4you”) pled guilty to four felonies, including conspiracy to gain unauthorized access to a computer, after admitting he pilfered over 620,000 iCloud photos by breaking into thousands of personal accounts. Often acting on requests from associates he met online, his scheme involved using the faked email addresses “applebackupicloud” and “backupagenticloud” in order to impersonate an Apple employee. Under the guise of helping his targets to update their account info, he convinced the victims to share their iCloud passwords with him. According to the FBI’s investigation of Chi’s email inboxes, nearly five thousand victims willingly handed over their login credentials. The operation was uncovered when a company that removes celebrity photos from the internet traced the theft of pics of an unnamed public figure to an unauthorized iCloud login from an internet address at Chi’s residence. He has up to five years of jail time (for each crime) to think up a better hustle.