this post was submitted on 15 Apr 2026
I don't know: their getting caught may indicate less skill & more ease to break in due to irresponsible information security practices. Maybe companies like PowerSchool are shit & ought to have no business carrying that sort of information for 80% of public school districts. Maybe government is irresponsible for entrusting that information to these businesses with lax standards. Seems like institutional irresponsibility all around.
Organized criminals see easy exploits & easy useful idiots to assume the legal risk of their ventures.
The company I work for has to go through annual PCI compliance testing to make sure CC transactions are not leaking card information and storage is encrypted if we stored (we don't) this information. Even our network is scrutinized closely. We are also required to have bi-annual tabletop exercises and they are talking about pentesting. What kind of compliance do any of these companies have?
Same here. We also contract with HackerOne, a company of “white hat” hackers that actively attack our site and earn significant bounties if they can do something like remotely execute commands, exfiltrate data, etc. Only after they provide us with a repeatable set of steps and we close the hole do they get paid.
They don't. The only private companies who have to monkey dance like that are cinema content handlers who want TPN status
Must protect the IP