Skip to Main Content

University Pays Almost $16,000 To Recover Crucial Data Held Hostage
By Dan Goodin, ars technica, 06.08.16

Canada's University of Calgary paid almost $16,000 ($20,000 Canadian, ~£10,800) to recover crucial data that has been held hostage for more than a week by crypto ransomware attackers.

The ransom was disclosed on Wednesday morning in a statement issued by University of Calgary officials. It said university IT personnel had made progress in isolating the unnamed ransomware infection and restoring affected parts of the university network. It went on to warn that there's no guarantee paying the controversial ransom will lead to the lost data being recovered.

arstechnica"Ransomware attacks and the payment of ransoms are becoming increasingly common around the world," Wednesday's statement read. "The university is now in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time."

The payment of ransoms has been controversial because the action only encourages a form of computer crime that's growing increasingly rampant and aggressive since it first came into vogue in late 2013. In an article published Tuesday by The Globe and Mail, University Vice President Linda Dalgetty said once the network was infected, the university couldn't risk losing critical data.

“We are a research institution," she was quoted as saying. "We are conducting world class research daily and we don’t know what we don’t know in terms of who’s been impacted and the last thing we want to do is lose someone’s life’s work." Read More

Academy Of Art University Victim Of Successful Spoofing Attack
Notice to academy employees, 04.13.16

On March 4, 2016, an employee of the Academy of Art University was targeted by an email scam, called “spoofing.” The spoofed email appeared to come from a member of the Academy’s executive team and asked for employees’ W-2 information. Because the recipient/employee wrongly believed the email to contain a valid request from a senior executive, the employee replied by attaching the federal Form W-2 for Academy employees. Academy officials later learned the reply email was sent to an unknown individual. Read More

Sequoia Union High School District Victim Of Successful Phishing Attack
Notice to district employees/retirees, 03.04.16

On Feb. 3, 2016, as a result of a phishing incident, an unauthorized third party accessed a Sequoia Union High School District office computer and may have accessed files containing certain information on all SUHSD employees and retirees. Read More

FERPA Violation At Poway Unified
sd union trib logo 200x130By Daniel Wheaton, The San Diego Union-Tribune

The Poway Unified School District released to one parent in the district sensitive personal information about more than 36,000 children, in response to a public-records request.
The release was a mistake, as the parent asked for information about records containing her own name, and the district gave her much broader data sets containing the information about herself and others. Read More

Berkeley Public Schools Unauthorized SSN Disclosure
Notice to district employees, 04.21.16

The Bay Area News Group, a publisher of multiple Bay Area newspapers, annually conducts surveys of all public agencies in the Bay Area regarding employee salary and related payroll information. They are entitled to this information pursuant to the California Public Records Act. The Berkeley Unified School District compiled the requested information and transmitted it in an electronic file last week to the reporter who was coordinating the collection of the data. Unfortunately, the district inadvertently sent an electronic file that contained social security numbers. It did not include any other confidential information such as addresses, telephone numbers or birthdates. The reporter immediately contacted the district about the transmission of confidential data. The district immediately responded by requesting that the reporter delete the files, and another version of the requested data was transmitted that did not include confidential data. Read More

California Virtual Academies Discovers Security Breach
Notice to school employees, 01.13.16

On Dec. 9, 2015, a data security researcher notified California Virtual Academies (CAVA) of a vulnerability in a data storage system. CAVA, with support from its education and technology services provider, K12 Inc., identified the vulnerability and secured the data within hours of the initial notification. The information that was accessed was not on servers owned or operated by K12 Inc. or the CAVA schools. Read More

Security News is a periodic roundup of IT security news important to the California Community
Colleges. The news stories are compiled by CCC TechEDge News staff members.