Data Privacy & Security Service
Issue 7
Recent Events
Yahoo Email Breach
In late September 2016, Yahoo announced that their e-mail systems had been hacked in 2014. The hack included the theft of data/information from at least 500 million Yahoo accounts. This hack may be the largest ever by shear number of us- ers affected. A hack of this size, against an internet company of Yahoo’s stature, should serve as a wakeup call for all organizations that there is no such thing as being secure enough. As of now it appears that this hack may have been carried out by a state sponsor, but as with other recent hackings there is no reason to be- lieve that a sophisticated organization is required to carry out such an attack.
Impact on Districts The Yahoo e-mail breach has broad im- plications on data security. First and foremost being the potential compro- mise of user passwords. If a teacher or staff member in a district had their Ya- hoo account compromised there is a possibility that their school account password has been compromised as well. Many users re-use their pass- words across services and locations. Users should be encouraged to reset their passwords for all accounts includ- ing those related to school use. Districts should further consider implementing password complexity policies, as well as reset policies.
For further details on the breach visit here .
What ripple effects might the Yahoo data breach have on the rest of the internet? Visit this site for more information.
What should you do if you think your account was hacked? Visit these two sites for helpful tips: Yahoo’s Data Breach: What to Do If Your Account Was Hacked What to do if your Yahoo account was hacked The New York Times took a deep dive into Yahoo’s past regarding security policies and examined their decisions in contrast with that of other companies such as Google. The differences in reactions between the organizations is evidence of the importance of security and how differing priorities within the companies led to the breach that we have only recently learned about.
You can read the full article here .
Recent Data Breaches
There have been several data breaches around the country in the last few months related to student data. It is important to be aware of these breach- es and their origins. In most of the be- low breaches, the cause was users being careless with data. In one scenario (Katy ISD) a user uploaded data to a software application . In another scenario, lax network security policies led to students having access to files on the network that should have been protected.
Impact on Districts
Not all data breaches are caused by out- side parties and hacks. In many scenari- os, data breaches are caused by careless users or lax policies. Districts should remind users of the importance of pro- tecting student and staff data, and that a data breach doesn’t have to be a hack.
Losing a flash drive with PII data is consid- ered a breach and should be reported immediately.
Below find links including details regarding the various breaches that have occurred:
Upper Arlington Schools Data Breach: Click Here
Katy ISD Data Breach: Click Here
UCF Data Breach: Click Here
4
Made with FlippingBook - Online Brochure Maker