Doesn't GDPR mandate 72 hours for disclosure now?
Lancaster Uni data breach hits at least 12,500 wannabe students
Lancaster University - which offers a GCHQ-accredited degree in security - has been struck by a "sophisticated and malicious phishing attack" that resulted in the leak of around 12,500 wannabe students' personal data. In a statement published yesterday evening, the university admitted that undergraduate applicant records for …
COMMENTS
-
This post has been deleted by its author
-
-
Tuesday 23rd July 2019 16:32 GMT Phil W
Of course there is. Speaking from experience there a wide variety of qualities of phishing attacks, ranging from random middle eastern email address you've never heard of, sending poor worded emails with links to poorly constructed pages asking for credentials in broken English, to attackers deliberately compromising known partner organisations of their real target and then using their real email accounts to email the target institution with very well constructed emails with fairly genuine looking links to extremely well constructed pages including the organisation's logo etc.
Not to say some common sense and training wouldn't also help defeat the well crafted attacks, but there is most definitely a varying sophistication of attacks.
-
-
Tuesday 23rd July 2019 14:21 GMT lglethal
umm what?
Just curious whats with the shoe horning in of data about how many foreign students there are at Lancaster Uni? Doesnt really seem relevant where people come from if there data's been stolen.
Unless there's some sort of subtle "Look dirty foreigners taking all the uni places" undercurrent here, which I do not expect at El Reg...
-
Tuesday 23rd July 2019 14:55 GMT tiggity
Re: umm what?
Foreign students often bring in more cash than UK ones, so popular with many unis (especially non EU students).
Could be relevant to how attacks were done as typically different pathways for applications from UK /other EU / non UK / EU.
So "nationality" of students data in breach could give hints to attack vector (assuming different pathways based on above mentioned "nationality"
-
Tuesday 23rd July 2019 15:17 GMT Anonymous Coward
Re: umm what?
Foreign (as in non-EU) students are perhaps more likely not to question the veracity of an "invoice" from "the university", as they will be paying tuition fees already, and so may be more of risk of being taken in and paying money to the scammers. In some cases, their English language skills may also not be as good, also increasing the risk to them. S/E/W/NI/other-EU students might perhaps be more likely to spot that the fraudulent emails are scams?
I am sure no racism was intended: it is the fact that universities tend to be very international places that is part of their dynamism and being melting pots of ideas and experiences (sadly, mine wasn't so much, and I didn't have the awareness or knowledge to perhaps have made a better choice at that time).
-
-
Tuesday 23rd July 2019 21:37 GMT Anonymous Coward
Hmm, I have a relative of a relative who works there, I believe teaching computer security stuff. His leg will be getting oulled a bit when I next see him !
Yeah, I know - there's a big gulf between the people running the admin systems and the people teaching the courses - but still good for a good leg pulling :-)
-
Wednesday 24th July 2019 11:54 GMT Anonymous Coward
Wrong picture
The building you've shown a picture of has very little to do with this story. The actual IT services provided to the campus are managed from a building which ironically is exactly across from the one in the picture. The courses and Computing department have nothing to do with how they run and manage their own IT services, and this is the same at pretty much all other universities as far as I know.
-
Friday 26th July 2019 01:06 GMT Anonymous Coward
Back in the day...
I used to work there, one of the system admins had connected netcat to cmd.exe on one of the secure AD schema administration workstations, and left the port unfirewalled and open to the world.
It got "hacked". All of the servers got hacked. Nobody knew if data had been pinched.
They had to rebuild the entire network from scratch, wihout using backups, as they couldn't determine how long the attacker had access for - it tool ages.