Tag Archive for: Leaving

Peel District School Board struggles with fallout from malware attack, leaving parents, teachers in the dark

/in


The Peel District School Board is still unable to say when several of its key online resources will be back on track after they were hit by a malware attack that continues to paralyze a string of databases.

Last week, the board told staff in an email, the malware “resulted in the encryption of certain PDSB files and systems,” and after it was discovered, the board “took immediate steps to isolate the incident.”

The risk posed by unknown hackers is creating unease among the unions representing elementary and secondary school teachers, who claim they have been kept in the dark, and received just the most sparing details about the type and scope of attack more than a week since the board first admitted it was facing a “cyber security incident.”

Speaking to the Star Thursday, board spokesperson Tiffany Gooch said a cybersecurity firm, hired by the board has made significant progress in both the investigation and recovery efforts, but couldn’t say exactly when the systems would be back to normal.

“We hope to be able to provide a resolution timeline in the next few days,” said Gooch.

“We can confirm that the incident involved encryption malware.”

Gooch wouldn’t say if the hackers have attempted to extort the board by seeking payment to unlock the seized data portals, but she did say there is “no evidence that any personally identifiable or otherwise sensitive data was compromised because of the attack.”

Gooch was unable to say how the incident occurred and who might be responsible. These are things she says she hopes the continuing probe will reveal.

Of equal concern to the union is that the board faces this logistic hurdle in the days leading up to students’ anticipated return to the classroom for in-person learning the week of Feb. 16.

Representatives from both unions say the board has provided links for back-channel access, so some tasks can be completed.

The board remains partially locked out of the intranet used by staff because some functions cannot be accessed.

She said the malware has not affected virtual classrooms, but it did wipe out the website and with it applications accessed by families.

As a result, the board extended deadlines for Grade 1 French…

Source…

Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud

/in

What is it about companies leaving consumer data publicly exposed on an Amazon cloud server? Verizon made headlines after one of its customer service vendors left the personal data of around 6 million consumers just sitting on an Amazon server without adequate password protection. A GOP data analytics firm was also recently soundly ridiculed after it left the personal data of around 198 million citizens (read: most of you) similarly just sitting on an Amazon server without protection. Time Warner Cable also recently left 4 million user records sitting in an openly-accessible Amazon bucket.

You’d think that after all of this press attention fixated on a fairly basic (but massive) screw up, that companies would stop doing this. But you’d be wrong.

The latest company to fail at fundamental security practices is California’s Bank of Cardiff, which managed to leave millions of phone recordings made by employees — you guessed it — in an unsecured Amazon cloud bucket open wide to the general internet. Many of the phone recordings exposed include bank employees talking with customers about sensitive financial transactions:

“Many of the calls appear to be Bank of Cardiff employees phoning up individuals the bank has discussed loans with, or attempting to offer them one. One call includes a potential customer discussing their plans for obtaining financing either from Bank of Cardiff or a competitor. In another, an employee contacts a company focused on industrial equipment; Motherboard identified the company because of its hold music which includes the firm’s website. The company did not respond to a request for comment. In a third call, an employee contacted a company about a business loan.”

Yeah, whoops-a-daisy. The practice by lazy and/or incompetent companies has basically made a career for folks like UpGuard cyber risk analyst Chris Vickery, who has spent the better part of the last few years searching and exposing companies that can’t be bothered to secure their cloud accounts. But again, it’s absolutely incredible given the media exposure of this basic gaffe that every company on the planet hasn’t done an audit to make sure their brand isn’t the next one in lights for security incompetence.

Bank of Cardiff has yet to issue a public statement on the exposure, but it did finally lock down access to the data trove once journalists and security researchers (once again) did their jobs for them.

Permalink | Comments | Email This Story

Techdirt.

Karen Hacker Leaving Allegheny County Health Department, Will Join CDC

/in

Hacker has been with the county’s health department since … dozen large financial firms of inflating the price of bonds issued by Fannie Mae and Freddie Mac over seven years. Thursday night’s …
mac hacker – read more

Alaska’s last two Blockbusters are shutting down, leaving one in US

/in

On Thursday, Blockbuster Alaska announced that the rental chain’s last two Alaskan stores will shut down on Monday, with liquidation sales to follow. The news means that only one Blockbuster store will remain in the United States, in Bend, Oregon.

“We hope to see you at our stores during the closing, even if it’s just to say ‘Hello,'” the final two shops’ managers posted in a Facebook announcement on Thursday. “What a great time to build your media library and share some Blockbuster memories with us.”

In its report, the Anchorage Daily News confirmed with Border Entertainment, a Texas-based holding company that operated all of Alaska’s Blockbuster stores, that closure plans had been in the works since before the end of 2017. At that time, Border decided to stop renewing any Blockbuster store leases, resulting in a series of closures across the state over the past nine months.

Read 3 remaining paragraphs | Comments

Biz & IT – Ars Technica