At a glance.
- Two US learning institutions suffer data breaches.
- Grammarians become phishing targets.
Two US learning institutions suffer data breaches.
Educational institutions, with their limited cybersecurity resources and high volume of personal data, continue to be attractive targets for cybercriminals. The Minneapolis Public Schools District (MPS), located in the US state of Minnesota, has begun notifying 100,000 people they were potentially impacted in a cyberattack. In February the district was hit with what they called an “encryption event” that disrupted operations for about a week, and in March the Medusa ransomware gang announced they were responsible for infiltrating and encrypting MPS’s systems. Medusa demanded $1 million from the district for decryption, and when MPS rightly refused, Medusa responded by leaking sensitive student data, accompanied by a video of screenshots of the stolen files. As the Record notes, by July the school community had started expressing frustration about the lack of communication from the district about the breach. Fast-forward to now, and MPS says the delay in notifying the victims was required in order for the district to complete a “comprehensive review” of exactly what data were exposed. The notice from MPS reads, “This process was completed on July 24, 2023. Although it has been difficult to not share more information with you sooner, the accuracy and the integrity of the review were essential.”
Two states to the east, the University of Michigan (UMICH) is informing staff and students they must change their passwords as a result of a cyberattack that occurred last month. Teh notification email from UMICH CISO Sol Bermann and CIO Ravi Pendse reads, "The University of Michigan is requiring all community members to change their UMICH password by the end of day on Tuesday, September 12." The email goes on to say that failure to meet the deadline could result in users being locked out of their accounts and UMICH devices. It’s unclear what caused the breach, and when asked, UMICH's Director of Public Affairs Director of Public Affairs told BleepingComputer, "We do not have any other information we can share on the investigation. We do not want to share anything that might compromise that important work." It’s worth noting that a month ago Michigan State University disclosed that community members' data had been exposed by some of its third-party service providers in connection with the mass-hack of the MOVEit file transfer application.
Grammarians become phishing targets.
The Associated Press (AP) has disclosed that a data breach impacting users of the popular writing style guide the AP Stylebook has led to a wave of phishing attacks. As Bleeping Computer explains, an out-of-use, third-party-managed AP Stylebook site was hacked in July, and the attackers made off with the data of over two hundred customers. While the number of victims might seem small, many of the Stylebook’s customers are journalists and media companies, which could be attractive targets for ransomware attacks or espionage. The compromised data include customer names, email addresses, street addresses, phone numbers, User IDs, and for a portion of customers, tax-exempt IDs like Social Security Numbers or Employer Identification Numbers. The first indication of the breach came by way of customer complaints about phishing emails they’d received from the address 'firstname.lastname@example.org[.]id' stating they needed to update their credit card info on the Stylebook site. AP responded by taking the defunct site offline to prevent further compromise and warning customers to be wary of the fraudulent messages.