News

Data of Half-Million Chicago Students Exposed in a Ransomware Attack

Richard Marley
May 23, 2022
2 minutes read
1069

The personal information of more than half a million Chicago students and the staff was accessed in a ransomware attack consisting of records worth four years.

Last December, a ransomware attack compromised the personal information of more than a half million Chicago Public School students and staff members which wasn’t reported by the technology vendor Battelle for Kids till last month, as stated by the CPS Officials.

CPS was informed about the data breach on April 26 via a mailed letter, claiming that the server used to store data about the students and staff was breached and four years’ worth of data was accessed.

Around 495,448 student and 56,138 employee records were acquired from the 2015-16 through 2018-2019 school years, consisting of details about student’s names, gender, date of birth, CPS identification numbers, and scores on course-specific assessments utilised for teacher evaluations.

The CPS confirmed that the breach did not store any other records, as proclaimed in a statement “There were no Social Security numbers, no financial information, no health data, no current course or schedule information, no home addresses and no course grades, standardized test scores, or teacher evaluation scores exposed in this incident.”

The representative of CPS informed the affected families and staff that no evidence has been found of misusing the data. Still, they aim to provide a year of credit monitoring and identity theft protection to them.

Battelle for Kids was hired to assist district leaders to perform the “CPS REACH” teacher evaluation program. As the contract of the vendor with CPS states that they shall immediately report the distract of any data breach, a statement was passed by Battelle for Kids on Friday, “immediately engaged a national cybersecurity firm to assess the scope of the incident and took steps to mitigate the potential impact.”

No answers were given about why the company didn’t inform the CPS of the breach while claiming that they have placed stronger security protocols since the incident as the assessment is underway to be resolved.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Danish Gambling Operator Reports Tipwin to the Police for AML Failings
Then danish gambling operator Spillemyndigheden has reported Tipwin to the police for violating the Danish Money Laundering act

According to the sources, Spillemyndigheden, the government office based in Odense, Denmark, has reported to the police that the business has failed to create risk assessments of retail bets with a lack of written policies on its retail offerings.

It is also worth mentioning that the operator also lacks complete business procedures and controls for the offerings based on land or in regards to money laundering until 25 May 2022.

In the official statement of the regulator to the police, it stated all the shortcomings of Tipwin in compliance with the anti-money laundering standards. It stated: “Spillemyndigheden notes that the rules on risk assessment, policies and business procedures are absolutely fundamental in the Money Laundering Act. By failing to prepare a risk assessment, Tipwin has not had a useful tool that has provided an overview and understanding of where and to what extent Tipwin is exposed to money laundering or terrorist financing, and what measures are in place are necessary to mitigate the risks involved.”

This clearly states that the german based gambling operator, Tipwin is exposed to the illicit crimes of money laundering and terrorist financing and has failed to comply with the AML regulations. The Danish regulator also focused on the lack of preparation from the operator on assessments of risks which are fundamental components of the anti-money laundering act.

Spillemyndigheden also added: “Preparing a risk assessment of the company’s business model is a very fundamental means of limiting the risk of money laundering. Tipwin has thus also not had policies and operational procedures that stem from the risk assessment. By failing to prepare a risk assessment, the Gambling Authority has therefore handed over the case to the police investigation.”

The authority also launched an injunction on the breach of rules and procedures in regard to the online casino and betting operations. With the main emphasis on money laundering, the regulator released a statement last month which reminded businesses in the industry of the obligations. It mentioned the regulations most firms are complied with, which are in order to prohibit the financial interactions with individuals, groups, legal bodies or countries.

In addition, Spillemyndigheden issued a 3 months deadline to Tipwin to sort out the situation.

Suggested Read: Danish Gaming Regulator Sanctions Unibet Over AML Violations

Recent Posts

Blog
AML/CFT Compliance - Why Australia is a Safe Haven for Money Laundering
Recent inquiries and cases against major Australian casinos have raised questions about the measures adopted by the gambling sector to counter financial crime. The Star casino inquiry has shown the world how millions of billions of dollars have been laundered through the casino.

Not only has money laundering affected the gambling industry, but the dirty money cleaned through casinos has accounted for an increase in real estate prices and is also being invested in luxury items. The issue has now led authorities to question whether these gambling operators should be allowed to continue providing services after allowing money laundering and fraud.

Crown and Star Casinos – A Stain on Australia’s Reputation

The investigations into money laundering cases at Star and Crown casinos have proved that Australia has a poor reputation throughout the world for combating financial crime. Tens of billions of dollars are estimated to be laundered through the country annually. As of now, the senior management and directors of the casinos have been held accountable for the instances of money laundering, foreign intervention, and other types of organized crime. However, experts believe that questioning the higher management isn’t sufficient to clamp down on financing crime in the gambling sector.

In March this year, a federal Senate inquiry issued a report stating that Australia had failed to meet the Financial Action Task Force (FATF) international obligations for fighting money laundering. The Senate report also issued a warning about the increased costs in Australia’s banking sector. The country’s overall economy has been affected due to a stained reputation and cannot be recovered unless Anti-Money Laundering (AML) legislation and Counter-Terrorism Financing laws are not tightened.

The Australian Banking Association had the same view as it stated in the Senate inquiry that the country’s banks have to provide additional information and guarantees to foreign investors regarding their AML regime after the FATF rated Australia as non-compliant in certain areas. The federal government has repeatedly discussed the tightening of AML/CFT laws since 2015 when the Paris-based global watchdog first criticized its controls against financial crime. Australia being one of the founding members of the FATF doesn’t take the criticism lightly.

Australia’s Anti-Money Laundering Regime

In 2015, the FATF pointed out the failure of Australia’s AML/CFT laws that govern financial institutions and gambling service providers to bring lawyers and real estate agents under their scope. Even today, the laws do not oblige professional services firms to report suspicious activities. Whereas China and the US, which were also pointed out by the FATF for the same, have already started making efforts to bring professional services firms under AML/CFT laws.

The Australian Criminal Intelligence Commission (ACIC) and the Australian Federal Police have stated that professional services firms and the establishment of trusts and companies through nominees and third parties enable crimianls to obscure the real origins of their illegally-obtained funds.

Derwent Coshott, an expert on trust law and money laundering at University of Sydney said, ‘We still don’t require real estate agents to know who they’re dealing with. We do think that Australian properties have been used to launder money.’

If Australia brings lawyers, real estate agents, and accountants under the scope of AML regulations along with financial institutions and casinos, law enforcement agencies can get a better oversight on financial crime risks. Financial regulators like AUSTRAC and the Australian Tax Office, as well as law enforcers like the AFP and ACIC, can easily trace the beneficial owners of properties and illicit funds.

“By having secondary professions do the customer due diligence work, and report into AUSTRAC, when there are suspicious matters, you will be able to catch a lot of this. We want to extend those obligations to those secondary professions, and pretty much every other country in the world has.” says Derwent Coshott.

The expert says that failing to bring secondary professions under the scope of AML laws is leading Australia to getting the worst-ever scores on Transparency international’s global corruption index, where combating transnational corruption is one of the key factors.

How Casinos and Businesses Can Secure their Operations

Australia introduced the Customer Data Right (CDR) in 2019 that obliges many sectors including financial institutions to require and verify their customers’ personal information. The CDR allows financial firms and FinTech companies to secure their operations through the verification of their customers’ identities. It also provides the option to customers to share their information at a federal, state, or territorial level.

In June 2021, Australia saw new AML reforms that were known as Tranche 1.5. The new regulation allowed businesses operating in Australia to incorporate third-party identity verification solutions in order to comply with international KYC requirements. The Australian corporate structure can be secured from financial crime if businesses implement robust AI-driven KYC solutions to onboard legitimate users and identify high-risk entities.

Businesses and financial institutions must identify and report suspicious activities leading to financial crimes like money laundering and terrorist financing. Adopting a risk-based approach, financial firms and online gambling operators must monitor transactions involving large amounts, those without a defined purpose, and those with sudden variations in amounts.

What Shufti Pro Offers

While Australia’s vulnerability to money laundering and organized crime is obvious, firms that incorporate a robust AML Screening solution can steer clear of both money laundering and regulatory penalties. AML/CFT regulations oblige businesses to identify the ultimate beneficial owners and individuals who perform transactions for corporate customers. The FATF advises businesses to verify the identities of their customers through document verification checks and analyse the risk associated with them.

Shufti Pro’s AI-backed identity verification and Anti-Money Laundering (AML) screening solutions allow financial firms to adopt a risk-based approach. The globally acclaimed company offers services in 230+ countries and territories that ultimately overcomes the data transparency issues identified by FATF. In less than a second, financial organizations can get 98.67% accurate identity verification results.

To learn more about Shufti Pro’s AML Screening solution, get in touch with experts.

Talk to us

Data of Half-Million Chicago Students Exposed in a Ransomware Attack

Crown and Star Casinos – A Stain on Australia’s Reputation

Australia’s Anti-Money Laundering Regime

How Casinos and Businesses Can Secure their Operations

What Shufti Pro Offers

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.