home.social

#hackandleak — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #hackandleak, aggregated by home.social.

  1. NEW by me:

    Another detail emerges about Instructure's agreement with ShinyHunters; Debate continues about whether to pay:

    databreaches.net/2026/05/16/an

    Cybersecurity experts make claims about ShinyHunters to journalists, but where is the evidence to support their claims? Journalists shouldn't just quote experts -- ask them the basis for their claims. How much evidence do they actually have to support their assertions?

    #hackandleak #databreach #Instructure #ShinyHunters #ransom #journalism

    @amvinfe @masek @euroinfosec

  6. @brianhonan There doesn't seem to have been any 2025 report for U.S., but in the 2026 U.S. focus based on a survey of 1000 small U.S. businesses, they have data on encryption incidents and report that of those that paid the extortion demand:

    -- only 50% recovered all their data;
    -- 27% were attacked again; and
    -- ransomware victims paid a ransom an average of 2.24 times to recover.

    Unfortunately, they don't report what percent have data leaked anyway in U.S. encryption incidents where victims pay, and they don't have any data on non-encryption #hackandleak incidents in the U.S. when small businesses are paying just to not leak data. The outcome may be the same as IE, but I wouldn't assume that.

    I'll email them to inquire, but I suspect if they had that data, they would have reported it.

    Thanks again for sharing that helpful resource.

    hiscox.com/documents/Hiscox-Cy

    @masek @amvinfe @euroinfosec

  11. @masek If the sole reason for paying is to reduce harm to the company or entity, then I tend to agree with you.

    But let's look at the Instructure situation. It was a #hackandleak situation with data that is not particularly valuable, so why pay, right?

    But then the attackers escalated and disrupted Finals week for tens of thousands of schools and millions of students.

    And if Instructure hadn't paid, would ShinyHunters keep attacking them and disrupting their ability to provide the software schools rely on? My bet is that they would have.

    When Instructure paid, I viewed it as them paying to stop the attacks more than to (just) allegedly delete data.

    And that was not to reduce harm to the business, although Lord knows, their reputation was taking quite a hit, but paying reduced the disruption and harm to the students and teachers and schools.

    And I'm okay with that. Does the payment reward criminals and make more crime more likely? Maybe. But even if the answer is "definitely," the company had a duty to mitigate harm to those who entrusted them with their data. And if that means paying, then their first duty is still to the ultimate victims and not to other companies.

    I feel even more strongly when the target is a healthcare entity and patient services are delayed, or emergency services are diverted elsewhere.

    I know, I know.... some people probably hate me for this opinion. To those who disagree with me strongly:

    Change my mind. And show me some actual data about how often some gangs do or do not keep their word.

    @amvinfe @euroinfosec

  16. @argv_minus_one

    I'm not sure I understand why people are trying to research what schools use Canvas. ShinyHunters provided a list of all of the schools that were caught up in this attack:

    databreaches.net/wp-content/up That list has 8,809 entities listed.

    It's not the entire universe of schools that use Canvas, but it's probably an accurate list of the schools that may be affected. A sample list ShinyHunters provided for my earlier report on this incident showed filesizes for: communication_channels.csv.gz, conversation_messages.csv.gz, conversations.csv.gz, and users.csv.gz. There were about 7,780 schools in that sample.

    And yeah, hang on to your Tox because Session is closing in July, it seems.

    #Instructure #Canvas #ShinyHunters #hackandleak #EduSec #databreach

  21. OK, so it seems that #ShinyHunters breached #Instructure again and replaced login pages with their own message to schools about how to contact them directly.

    The Canvas login pages were replaced with the message in the screenshot below.

    Canvas subsequently replaced the login with "under maintenance" pages.

    #databreach #hackandleak #EduSec #cybersecurity

  26. @funnymonkey Thanks for the kind words.

    Someone commented on my Instructure post with a comment as "Sysadmin." They wrote:

    "Are you effin kidding me! We got an Email from Instructure saying we were impacted and now we have to inform all the students and families in our district.

    Why do these ShinyHunters keep attacking the edtech sector?? PowerSchool, infinite campus and now this.

    It’s only a Sunday night and law enforcement has still done nothing about these hackers. Regulators really need to hold these companies accountable for poor security practices."

    They raise valid points.

    #edtech #EduSec #cybersecurity #vendor #supplychain #databreach #hackandleak

  31. The NYS Department of Financial Services announced that they settled charges against Delta Dental Insurance Co. and Delta Dental of New York stemming from the 2023 Clop/MOVEit data breach.

    The state's investigation found that Delta had violated NYS cybersecurity regs in a number of ways.

    Delta has agreed to pay $2.25 million, none of which can be paid by their insurers and they can accept any reimbursement for the payment from any source.

    I wonder how many other MOVEit customers who do business in New York are also dealing with NYSDFS.

    databreaches.net/2026/05/01/ny

    #databreach #hackandleak #supplychain #0day #DeltaDental #MOVEit #Clop #NYSDFS

    @campuscodi @zackwhittaker

  36. This won't be the end of this controversy, but a California court did not dismiss claims against Bain Capital over the PowerSchool data breach. In considering the timeline and the private equity firm's actions before and after its acquisition of PowerSchool in 2024, the court noted, in part:

    "Post-closing, Bain directed PowerSchool to offshore cybersecurity, engineering, and IT functions to contractors, including offshoring required data-management tools that enabled vendors to bypass consent protocols and access protected school district computers directly.

    Bain failed to assess data-breach risks from the offshoring it directed.

    Post-closing, Bain directed layoffs of at least 5% of PowerSchool’s workforce, including critical domestic IT staff."

    Read more from Womble Bond Dickinson at womblebonddickinson.com/us/ins

    h/t, JDSupra, The National Law Review

    @douglevin @funnymonkey

    #EdTech #Liability #negligence #PowerSchool #BainCapital #hackandleak

  41. Another #EdTech vendor has allegedly fallen prey to #ShinyHunters in yet another Salesforce-related hack-and-leak incident.

    Follett Software markets Aspen, Destiny, and Classroom Library Manager software to schools.

    The threat actors claim to have acquired 4 million records with PII and other corporate files, and have given Follett until May 4 to contact them.

    Because this is Salesforce related, there may actually be very little identifiable information about students or personnel in the customer support data, unless district or school personnel gave students' names or details in seeking help with the software or specific problems.

    I guess we'll find out soon.

    #EduSec #databreach #hackandleak

    @douglevin @funnymonkey @mkeierleber
