Tag Archive for: Minnesota

How hackers gained access to Minnesota Department of Education data

/in


Cybersecurity attack hits Minnesota Department of Education


Cybersecurity attack hits Minnesota Department of Education

02:07

ST. PAUL, Minn. — A massive cybersecurity breach has exposed the data of government agencies and millions of Americans. The Minnesota Department of Education says it was one of the victims of the hack. 

The breach at the MDE happened just three months after a leak rocked Minneapolis Public Schools. Officials say the latest hack is part of a larger effort happening around the world, believed to be committed by Russian cybercriminals, exploiting a data transfer program called Move It.

MORE: Protecting yourself from cybersecurity threats

“The problem is that this application had a vulnerability embedded inside of it that no one realized, and now we’re seeing the clients of this vendor being hit by cyber attacks,” said Mark Lanterman, chief technology officer at Computer Forensic Services. 

The MDE says personal information of more than 95,000 students was exposed, but no financial information. However, that doesn’t mean it won’t have a financial impact at some point 

“This data has no expiration date. Okay, so your child may be a minor today. But in two years, maybe not. And maybe your child’s information will be used to commit financial fraud, identity theft, down the road,” said Lanterman.

The Minnesota Department of Education recommends accessing and monitoring your personal credit reports. 

RELATED: Emails from Minneapolis Public School officials reveal timeline of data breach

To learn more, and sign up for free credit monitoring if you’re impacted, click here.

Allen Henry


wcco-cbs-minnesota.jpg

Allen Henry is an Emmy Award-winning journalist who joined WCCO as a reporter in August 2022.

Source…

Minnesota man charged in hacking MLB and for trying to extort the league

/in


A Minnesota man has been charged with hacking into computer systems used by Major League Baseball and trying to extort the league for $150,000, the U.S. Attorney’s Office of the Southern District of New York said Thursday.In emails with an MLB executive, Joshua Streit, 30, threatened to publicize the vulnerability that he used to access the league’s website for streaming live games before asking for $150,000 for finding the technology flaw, according to charging documents.Streit allegedly renewed his extortion attempt in September, at a time of heightened scrutiny for the MLB as it was preparing for the playoffs. The news comes ahead of Game 3 of the World Series between the Houston Astros and Atlanta Braves.A Twitter account listed in the criminal complaint as belonging to Streit did not respond to a request for comment on Friday. James Becker, an attorney listed for Streit in court records, did not respond to requests for comment.The charges against Streit, who is also known as Josh Brody, include wire fraud, illegally hacking into a computer for the purposes of fraud and “sending interstate threats with the intent to extort.” The maximum sentence for each individual charge ranges from two to 20 years in prison.Streit is accused of illegally streaming copyrighted live games from the MLB, National Basketball Association, National Football League and the National Hockey League. To do that, prosecutors allege, Streit used stolen login credentials to access the sports’ websites and stream live games to his own website for profit.One of the sports leagues lost almost $3 million because of Streit’s actions, the U.S. Attorney’s office said in a press release.A LinkedIn profile listed in the complaint as belonging to Streit describes him as a software engineer living in the Minneapolis area.During an initial court appearance Thursday in the U.S. District Court for the District of Minnesota, a judge ordered “temporary detention” for Streit pending a Nov. 1 hearing, according to court documents.A spokesperson for the MLB declined to comment. Neil Boland, the league’s chief information security officer, did not respond to requests for comment.The MLB is no stranger to…

Source…

The Linux Foundation’s demands to the University of Minnesota for its bad Linux patches security project

/in


To say that Linux kernel developers are livid about a pair of University of Minnesota (UMN) graduate students playing at inserting security vulnerabilities into the Linux kernel for the purposes of a research paper “On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits” is a gross understatement. 

Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch and well-known for being the most generous and easy-going of the Linux kernel maintainers, exploded and banned UMN developers from working on the Linux kernel. That was because their patches had been “obviously submitted in bad faith with the intent to cause problems.” 

The researchers, Qiushi Wu and Aditya Pakki, and their graduate advisor, Kangjie Lu, an assistant professor in the UMN Computer Science & Engineering Department of the UMN then apologized for their Linux kernel blunders. 

That’s not enough. The Linux kernel developers and the Linux Foundation’s Technical Advisory Board via the Linux Foundation have asked UMN to take specific actions before their people will be allowed to contribute to Linux again. We now know what these demands are.

The letter, from Mike Dolan, the Linux Foundation’s senior VP and general manager of projects, begins:

It has come to our attention that some University of Minnesota (U of MN) researchers appear to have been experimenting on people, specifically the Linux kernel developers, without those developers’ prior knowledge or consent. This was done by proposing known-vulnerable code into the widely-used Linux kernel as part of the work “On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits”; other papers and projects may be involved as well. It appears these experiments were performed without prior review or approval by an Institutional Review Board (IRB), which is not acceptable, and an after-the-fact IRB review approved this experimentation on those who did not consent.

This is correct. Wu and Lu opened their note to the UMN IRB by stating: “We recently finished a work that studies the patching process…

Source…

AOL DESKTOP GOLD Customer care Phone Number tech Number wih toll fr.ee TRWE – Minnesota Twins Talk – Twins Daily

/in



AOL DESKTOP GOLD Customer care Phone Number tech Number wih toll fr.ee TRWE – Minnesota Twins Talk  Twins Daily

Source…