Total Tests:

Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack

By Tara Seals for Threatpost
Tuesday, September 29, 2020

A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.

Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, noted that the CCSD story could get messy if parents choose to sue the district over the attack and its handling of it.

“What may be tricky is an eventual lawsuit by the victims against the school,” he said via email. “The crunchy point will be whether a failure to pay a ransom, to preclude data from being published, may be construed as a failure to remediate the damage and thus make the school civilly liable for this specific leak and its consequences. The monetary damages will, however, likely be of a nominal value as evidenced by recent litigation in the US involving similar data breaches. The best avenue will likely be a settlement, providing the students with a necessary support to negate reasonably foreseeable consequences of the data breach and exposure of their PII [personally identifiable information].” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential