Although cyberattacks on higher education institutions date back years, there has been a spike in university cyberattacks over the last two years. Cybercriminals had taken advantage of the rapid transition to hybrid learning that higher education institutions have been forced to implement before they had time to strengthen their cybersecurity, which has left most of them exposed. This is yet another example of accelerated adoption of new technologies before security measures are in place.

On the 22nd September 2022, Australian telecommunications company Optus reported that they had experienced a cyber breach affecting nearly 11 million customers, which may make it the worst cyber attack in Australia’s history. Details of this attack are still emerging, however it has taken a couple of twists in the weeks following the attack, and there are some early indicators as to what occurred. In the News.

In late August, a technology provider that offers student loan account management and payment services submitted a breach notice indicating that a compromise detected on July 22 exposed 2.5 million individuals’ data, including their names, contact information, and social security numbers. At present, neither the breach notice nor subsequent reporting have provided detailed insights into the nature of the breach, noting only that it likely began in June and continued until July 22.

Apart from external attackers, organizations need to consider another type of threat when planning their cybersecurity strategy: insider threats. There are different types of insiders. On the one hand, there are people who have secret knowledge and unintentionally create risk openings within an organization; and on the other, there are others who intend to cause harm, motivated by profit, extortion, or personal grievance. This means insiders can be classified as follows.

The world of digital security has been under the spotlight for various reasons in the last year. Several high-profile incidents have directly impacted the general public, from cyber attacks to privacy scandals. Uber is the latest company to be caught up in this whirlwind after hackers managed to breach their security and steal sensitive user data from the ride-hailing service. This article provides an overview of what happened, what went wrong, and what you can do to keep your accounts safe.

Illustration by jcomp On Sept. 15, Uber Technologies Inc. was breached by an 18-year-old. The hacker purchased an employee’s stolen credentials from the dark web and pushed a flood of multi-factor authentication (MFA) requests and fake IT messages to them in hopes of getting into their account. Irritated by the non-stop pop-ups, the employee caved in and approved the request, unwittingly setting off a cyberattack.