A Pair Of Student Aid Websites In BC Possibly Pwned By Hackers

A pair of websites in BC related to student aid have apparently been pwned by hackers. CBC News has the details:

The Ministry of Advanced Education and Skills Training says it has temporarily shut down two British Columbia websites after both appear to have been compromised.

The home pages of StudentAid B.C. and LearnLive B.C. were altered Sunday and replaced with a statement allegedly from a hacker group.

The affected sites offer application assistance or details about scholarships, grants, bursaries, loans and other financial programs for post-secondary students.

A statement from the ministry says it has been alerted to the problem and is investigating, along with the Office of the Chief Information Officer.

Needless to say, this is not good. And it isn’t clear at this point if any information has been leaked. Which is also not good. David Masson, Director of Enterprise Security for Darktrace had this to say:

Threat actors seek to cause maximum disruption, regardless of the victim or organization. In taking down the StudentAid B.C. website right at the beginning of the summer semester, cyber criminals are intending to inflict as much harm as possible to a vulnerable part of the B.C. population. Little has been disclosed about the nature of the attack, and this lack of information will only be causing more concern for organizations who are keen to avoid the same fate.

With machine-speed, novel attacks on the rise throughout Canada, traditional signature and rules-based security systems are simply not able to match the pace of attacker ingenuity. In addition, with security teams still struggling with the fallout from mass and sudden digital transformation, more and more Canadian organizations are turning to AI to identify attacks as they happen and autonomously respond to stop them from causing damage. AI is also capable of automatically investigating incidents such as those that happened on the StudentAid B.C. website, which drastically reduces time spent triaging and reporting, empowering human teams to disclose, reassure quickly, and most critically, to react before the damage is done. 

Hopefully, companies take heed of this warning and do what is required to stop this sort of thing from happening in the future.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: