Galloway Township Public Schools Superintendent Annette GiaquintoGalloway Township Public Schools, a New Jersey public school district, has lost $200,000 due to a "cybersecurity incident," Superintendent Annette Giaquinto told Press of Atlantic City.The cybersecurity incident involved two fraudulent wire transfers of $200,000 each, Giaquinto noted. District officials found out about the incident on September 27.District officials have recovered one of the wire transfers thus far, Giaquinto indicated. They also are making efforts to recover the remaining balance.
In addition, district officials have launched an investigation into the cybersecurity incident, Giaquinto stated. They believe the incident is limited to district staff members' login credentials, Giaquinto said, and do not believe students or their families have been affected.
Data Privacy Issues Plague School Districts Nationwide
School districts nationwide are susceptible to cyberattacks, due in part to a lack of data privacy training for teachers.Seventy-four percent of U.S. teachers have used classroom apps not required by their school district in which they have entered sensitive academic or behavioral student data, according to a survey conducted by the Parent Coalition for Student Privacy (PCSP). Also, the PCSP survey indicated that 68 percent of teachers said they have received no training from their schools on how to minimize the chances that personal data will be breached or abused.
More than 350 cybersecurity incidents have been publicly documented by U.S. K-12 schools since January 2016, PCSP reported. However, with the proper training, teachers could help school districts minimize the risk of cybersecurity incidents.
Tips to Help School Districts Reduce Cyber Risk
PCSP offered the following recommendations to help school districts reduce or eliminate cyber risks:
Teach educators about federal and state employment and social media laws, along with school, district or other data privacy policies.
Review the privacy policy or terms of service (TOS) of any app or program used in a classroom to determine if it complies with state and federal privacy laws.
If possible, don't use social media for school-related purposes.
Avoid apps or online programs that have not been vetted by a district technology officer.
MSSPs also can partner with school districts to promote cybersecurity awareness and training. With MSSP support, school districts can determine the best ways to safeguard their critical data and infrastructure against cyberattacks.
Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.
Operations of the Virginia Attorney General's office were reported by the Richmond Times-Dispatch to have been significantly impacted by a cyberattack this week, which took down most of its computer systems, according to The Associated Press.
Widely known personal data leak platform Doxbin was reported by vx-underground to have been purportedly compromised by the Tooda cybercrime group as payback for having one of its members accused of being a pedophile by the leak site's admins, according to Cybernews.
Hackread reports that widely used artificial intelligence-based chatbot OmniGPT was allegedly compromised by the threat actor dubbed "Gloomer," who proceeded to leak over 34 million lines of user conversations and 30,000 user emails and phone numbers.