[ad_1]
Photos of valid passports, employee salary information and credit card statements are among nearly 1 million files uploaded to the dark web following a recent ransomware attack by the Southern Winnipeg school department.
The Pembina Trails school department was attacked in December by a data breach conducted by a hacker group called Rhysida, which stole personal information from students, teachers and families.
The department confirmed that on Friday, the hacker group asked for ransom for data, but said there was no compensation. The group then promoted the sale of personal information and photos of students, teachers and staff back in 2011 on Dark Web, part of the internet that cannot be accessed using a traditional web browser.
When no one buys data, the team uploads it online.
Data that may be exposed include names, dates of birth, confidential business data, personal health information and email addresses.
Colleen Peluso, who has three children in the Pembina Trails school department, said some of their personal data were stolen information, as well as thousands of other students and employees.
“Every year, our school’s parent company conducts cybersecurity and internet security negotiations.
Companies find data on the dark web
Venarix, a Texas-based company that investigates and records cybersecurity incidents, said it decided to investigate violations to learn more.
The company has no contact with the Pembina Trails School division, but found data from the division on Dark Web and compiled a report on its website that included pixelated images of stolen information to help people understand hackers.
The hacker group listed 5.4 tobytter tolen stolen from Pembina Trails Online and sold it in 15 bitcoins, equivalent to about $1.6 million.
Watch | Hackers try to sell data stolen from the department:
The Pembina Trails school department was attacked in December by a data breach conducted by a hacker group called Rhysida, which stole personal information from students, teachers and families, and then attempted to blackmail more than $1.5 million from the South Winnipeg school department.
“Some of them will try to sell this data to people who are interested … just to make a profit. If they sell this data, some people will just delete it from their website, like it’s not even there,” said Luciana Obregon, founder of Venarix.
“But if they can’t sell it, they can basically let anyone get in and do whatever they want.”
The screenshots viewed by CBC show documents with name, date of birth, health information, email address and bank account number.
Initially, the department said the department dating back to 2014’s stolen information, but has since accessed a backup database, which can be traced back to 2011.
The Winnipeg Police Department’s Financial Crime Department is investigating.
Nathan Martindale, president of the Manitoba Teachers Association, said in an emailed statement that teachers and students’ data “never compromise.”
“No doubt this will cause great psychological pressure to our members.”
The department hired its own cybersecurity company to investigate. It offers three years of credit monitoring services, free to current and former employees, and encourages families to stay alert.
Departments “do not understand” how valuable the data is
The group claims the responsibility for the Winnipeg ransomware attack is criminal action in Russia or Eastern Europe. According to The Guardian, Reidida also claimed to launch attacks on government agencies in Portugal, Chile and Kuwait.
The Pembina Trails is one of many school departments attacked in Canada. Obregon said she found 32 of the data leaked on the dark web.
Another victim of the same group targeting the Winnipeg Division is the Ontario Qualifications Board, which evaluates teacher qualifications for the purpose of salary classification. Obregon said it could be an attack in July last year that may have exposed confidential business data and personal information, some of which have been posted to the dark web.
QECO executive director Liz Papadopoulos described the cyber attack as a “painful thing” and said there was no stolen financial information. She said she contacted everyone affected and secured the system, but she declined to comment further.
Cybersecurity expert Hadis Karimipour said that ransomware attacks on schools and school departments are becoming increasingly common, as many people focus on digitizing things quickly without having to keep security in mind.
“They don’t understand how valuable their data is and why cybercriminals are interested,” said Karimipour, Canadian research chair for Canadian security and resilient cyber physics systems, associate professor at the University of Calgary and president of Canadian research.
She said the data could be very valuable for things like identity theft.
One of the easiest organizations such as school departments can protect themselves is investing in training employees to help them identify content like phishing emails and understand how work systems are connected to personal devices that have been violated and how they can harm their work systems, Karimipour said.
“Unfortunately, humans are always one of the root causes of the problem, and it provides cybercriminals with the opportunity to attack large organizations,” she said. “And people usually [make] Many mistakes. ”
[ad_2]
Source link
