Ohio Community College Data Theft Breach Affects Nearly 300K

An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal, financial, and health information. In a breach notification Wednesday, Lakeland Community College did not provide any details on the attack, which occurred between March 7 and March 31, but the Vice Society ransomware group earlier this year had listed the college on its data leak website. "This particular ransomware operation seemed to focus on the education sector - presumably because they found it to be a lucrative niche," said Brett Callow, a threat analyst at security firm Emsisoft. While the community college breach may be relatively small, the incident illustrates why small schools such as this are now favored targets of cybercriminals, according to security researchers. In fact, a Sophos survey in June of 400 respondents in education found that about 80% of schools have reported hacking incidents, including ransomware, in the past year. "Education traditionally struggles with lower levels of resourcing and technology than many other industries, and the data shows that adversaries are exploiting these weaknesses," Sophos said.