Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Nelnet Servicing (Nelnet)
Exploit: Hacking
Nelnet Servicing (Nelnet): Student Loans Servicer
Risk to Small Business: A data breach of student loan servicer Nelnet Servicing (Nelnet) has affected over 2.5 million student loan borrowers throughout the United States. The breach affected borrowers whose student loans are serviced by the Oklahoma Student Loan Authority (OSLA) and Edfinancial Services (Edfinancial). The company disclosed that the PII of 2.5 million student loan borrowers was accessible by an unknown actor who gained access to the network in July 2022.
How it Could Affect Your Business: Service providers like this one are highly at risk for trouble thanks to the combination of valuable data and access to companies that they offer bad actors.
Baker & Taylor
Exploit: Ransomware
Baker & Taylor: Book Distributor
Risk to Small Business: A ransomware attack at leading library book distributor Baker & Taylor has resulted in an outage that impacted the company’s phone systems, offices, and service centers. Those systems were out for a week. No ransomware group claimed responsibility, nor did Baker & Taylor disclose a ransom demand. The company said that they were able to restore their systems from backups and the incident remains under investigation.
How it Could Affect Your Business: Cybercriminals have been concentrating their fire on suppliers and service providers, elevating risk for them.
Los Angeles Unified School District
Exploit: Ransomware
Los Angeles Unified School District: Regional Education Authority
Risk to Small Business: A cyberattack against the Los Angeles Unified School District added complications to the start of the new school year. The ransomware attack hit on the Sunday before schools were scheduled to open for the new year. The district was able to overcome the digital shutdown to open schools on schedule the following Tuesday. However, the personal data of an estimated 400,000 students may have been accessed by cybercriminals. Federal, state and local authorities are investigating the incident. The Vice Society ransomware group has claimed responsibility for the attack, saying that they snatched more than 500GB of unspecified data.
How it Could Affect Your Business: Educational institutions have been high on cybercriminal priority lists, and the time pressure here made this attack an attractive prospect for the bad guys.
Savannah College of Art and Design
Exploit: Ransomware
Savannah College of Art and Design: Institution of Higher Learning
Risk to Small Business: Savannah College of Art and Design (SCAD) has revealed that a hacker gained access to SCAD’s information network systems, exposing data on an estimated 15,00 students. The school said that an unspecified “limited” number of files containing data about students and employees was accessed by bad actors. The AvosLocker ransomware group added SCAD to its leak site, but no ransom specifics have been released. AvosLocker may have taken at least 69,000 files that contained student information, personnel files and business data. No specifics have been released about what data was taken.
How it Could Affect Your Business: Education has been a sector under siege, especially attractive to ransomware groups as the school year opens.
