Privacy and data security experts commented on data breach news from Chicago: Chicago Public Schools says ransomware attack affects nearly 500,000 students and 56,000 employees
This data breach appears to have affected both students and faculty equally. While no social security information, home addresses, or financial information was reportedly exposed, enough data was exposed that would provide a leg up for bad actors looking to gain additional information. Students and faculty must remain on the alert for any phishing attempts that use the gleaned information to acquire additional info.
Ransomware attacks have become a growing threat to education centers across the United States. Schools are becoming more dependent on a computing infrastructure to support their daily functions, and they also hold a vast amount of sensitive information. This provides criminals with high-profile targets to infiltrate and hold data for ransom or steal and sell it.
School districts and universities need to understand that they are high-profile targets, and they need to assume that a cyber-attack is imminent. With that in mind, as the first step, they need to invest in a dynamic security awareness training program for both faculty and students so they can better identify security risks such as phishing emails and suspicious links. And then, they need to protect their data not just with enhanced perimeter security but with data-centric security such as tokenization applied directly to that data. Only robust data-centric security can help mitigate the situation if the wrong hands get ahold of sensitive data.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics