

























Hong Kong’s privacy watchdog has condemned the owner of an education platform for paying a ransom to hackers who stole individuals’ personal data across 9,000 institutions worldwide, arguing that the money should have been spent on strengthening cybersecurity.
Privacy Commissioner for Personal Data Ada Chung Lai-ling on Friday also questioned whether the hackers had truly returned the data stolen from Canvas and urged affected users to remain alert to suspicious calls or messages claiming to be from the platform.
Instructure, the parent company of Canvas, said earlier this week that hackers had stolen personal data from 9,000 institutions around the world – including seven organisations in Hong Kong involving 72,571 people – before reaching an agreement with the hackers to return the compromised data.
“We condemned its way of handling as it is a hacking incident, which is illegal. Resources should not be given to these hackers but to invest in protecting the platform or improving its security. Does paying the ransom actually guarantee the recovery of all data?” Chung told media.
In a statement posted on its website on Wednesday, Instructure said the hacker had returned all personal data compromised after both sides “reached an agreement”. The company said it had received digital confirmation of data destruction and was informed that none of its customers would be extorted as a result of the incident.
Chung pointed out that this was the second time the platform had been hacked.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。