NEWS

SDUSD REPORTS MAJOR DATA BREACH

SDUSD REPORTS MAJOR DATA BREACH

Families with students attending schools in the San Diego Unified School District (SDUSD) received email notification Friday, Dec. 21 regarding a major data breach. The breach also included information from some SDUSD staff members. According to the email, all important information was “potentially” exposed including addresses, Social Security numbers, contact information and other personal data. The breach might go back as far as January 2018. Today, SDUSD verified that the email notification was in fact valid and accurate. The unauthorized person or persons, perpetrators of this breach, gathered network access log-in information from staff and used the information to log into the district’s network services, including the district student database.

More information will follow. Meanwhile, here is the content of the email notice from SDUSD:

Notice of Data Breach
This letter is in regard to an incident at San Diego Unified School District involving the security of you or your student’s personal data on the district’s information systems. We sincerely regret to inform you that, after completing a thorough forensics investigation, we have reason to believe your personal data may have been compromised through the access or use by an unauthorized individual. The unauthorized access resulted in the potential viewing or theft of the personal data of some students and staff members. The personal data potentially included social security numbers and other information listed below.  The San Diego Unified School District has taken the steps necessary to eliminate the threat to your personal data and implement improvements to prevent such unauthorized access from happening again. We are sending this letter to provide you more information about the incident and what you can do to remain vigilant and protect your information.

What Happened
During October 2018, Information Technology professionals were investigating multiple reports of phishing emails, which were used to gather log-in information of staff members throughout the district. Staff determined an unauthorized person or persons, was gathering network access log-in information from staff and using that information to log into the district’s network services, including the district student database. Access to the student database offers complete access to personal identifying information, potential health information, scheduling and grade information. All staff members whose accounts were compromised had the security on their accounts reset immediately upon discovery. The breach is believed to date back to January 2018.

What Information Was Involved
The accessed systems contained the following personal information:

  • Student and selected staff personal identifying information, to include: first and last name, date of birth, mailing address, home address, telephone number;
  • Student enrollment information, to include: schedule, discipline incident information, health information, school(s) of attendance, transfer information, legal notices on file, attendance data;
  • Student and selected staff Social Security Number and/or State Student ID Number
  • Student and staff parent, guardian and emergency contact personal identifying information, to include: first and last name, phone numbers, address (if provided), email address, employer information;
  • Selected staff benefits information, to include: health benefits enrollment information, beneficiary identify information, dependent identity information, savings or flexible spending account information;
  • Selected staff payroll and compensation information, to include: viewable paychecks and pay advices, deduction information, tax information, direct deposit financial institution name, routing number and account number, salary and leave information;

Access to the systems noted also included the ability to alter data within those systems.

We are not able to confirm, specifically, whether your personal data was viewed or copied from our systems as a result of this incident. We only know that the viewing or copying of some personal data was possible or occurred between January 2018 and November 1, 2018.

What We Are Doing
Once aware of the threat to student and staff data, we promptly took steps to secure the system and identify the scope of the incident with the help of law enforcement. We have continued to implement and explore additional security measures, and continue to review and audit our practices to prevent this from happening again. We have also coordinated our investigation and response to the incident with law enforcement to bring the perpetrator(s) of this incident to justice.  We have also provided notice of this incident to state authorities as required under applicable state laws.

What You Can Do
We highly recommend you review all credit information for all persons listed in the student or staff databases. Remain vigilant and report any fraudulent activity to your card-issuing bank, card issuer, or credit reporting agency as soon as possible. Regardless of whether or not you note any fraudulent activity on your card statement, we still recommend that you contact credit reporting agencies to notify them of the breach of your information.

Should you find evidence of identity theft, you can contact San Diego Unified School Police Department to file a police report. To file a police report, contact your local Campus Police Officer, or call School Police Dispatch at (619) 291-7678. San Diego Unified School District Police Department is tracking all incidents of crime related to this network intrusion, and is investigating with the assistance of forensic computer and electronic crimes investigators. You may also contact the Federal Trade Commission or one of the credit bureaus for more information about how to protect your identity.

For More Information:
You can place an identity theft/fraud alert, get credit freeze information for your state, or order a free credit report by calling any of the following credit reporting agencies at one of the phone numbers listed below or visiting their respective websites. Some states may charge a fee for such services.

Equifax – 1-888-766-0008
P.O. Box 740256 Atlanta, GA 30348
www.equifax.com

Experian – 1-888-397-3742
P.O. Box 4500 Allen, TX 75013
www.experian.com

TransUnion – 1-800-680-7289
P.O. Box 2000 Chester, PA 19022
www.transunion.com

Under state law, a security freeze prohibits a credit reporting agency from releasing any information from a consumer’s credit report without written authorization. However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit mortgages, employment, housing or other services.

If you have been a victim of identity theft, and you provide the credit reporting agency with a valid police report, it cannot charge you to place, lift or remove a security freeze. In all other cases, a credit reporting agency may charge you a fee to place, temporarily lift, or permanently remove a security freeze. To place a security freeze on your credit report, you must send a written request to each of the three major credit reporting agencies listed above. The credit reporting agencies may also allow you to request such a security freeze online.

In order to request a security freeze, you will need to provide the following information:

1. Your full name (including middle initial as well as Jr., Sr., II, III, etc.);

2. Social security number;

3. Date of birth;

4. If you have moved in the past five (5) years, provide the addresses where you have lived over the prior five years;

5. Proof of current address such as a current utility bill or telephone bill;

6. A legible photocopy of a government issued identification card (state driver’s license or ID card, military identification, etc.);

7. If you are a victim of identity theft, include a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft;

8. If you are not a victim of identity theft, include payment by check, money order, or credit card (Visa, MasterCard, American Express or Discover only). Do not send cash through the mail.

The credit reporting agencies have three (3) business days after receiving your request to place a security freeze on your credit report. The credit bureaus must also send written confirmation to you within five (5) business days and provide you with a unique personal identification number (PIN) or password, or both that can be used by you to authorize the removal or lifting of the security freeze.

To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must call or send a written request to the credit reporting agencies by mail and include proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available. The credit reporting agencies have three (3) business days after receiving your request to lift the security freeze for those identified entities or for the specified period of time.

To remove the security freeze, you must send a written request to each of the three credit bureaus by mail and include proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze. The credit bureaus have three (3) business days after receiving your request to remove the security freeze.

The Federal Trade Commission (FTC) provides more information about how to protect your identity at either https://www.ftc.gov/ or https://www.identitytheft.gov/.

You may also find additional information on any applicable rights under the Fair Credit Reporting Act. You can also contact the FTC by using the information below.
Federal Trade Commission 1-202-326-2222
Bureau of Consumer Protection 600 Pennsylvania Avenue, NW Washington, DC 20580

Additional information to help protect your privacy and identify can be located at the California Attorney General’s website at the following link: https://oag.ca.gov/idtheft/information-sheets

Again, we sincerely regret that this incident has occurred.  If you have any questions, please contact us at (619) 260-5476, or go to: www.sandiegounified.org/datasafety

Sincerely,
Toren Allen
Executive Director
Integrated Technology

Here is the official press release from SDUSD:

San Diego Unified School District Alerts Staff and Families of Data Breach
The San Diego Unified School District has alerted employees and families to an incident at San Diego Unified School District involving the security of their personal data on the district’s information systems.

The district has reason to believe some employee and student personal data may have been compromised through the access or use by an unauthorized individual. Part of a “phishing” email effort, unauthorized access resulted in the potential viewing or theft of the personal data of some students and staff members.

Roughly 50 staff members whose accounts were compromised had the security on their accounts reset immediately upon discovery. Families of students whose data may have been accessed have been contacted by the district. The breach is believed to date back to January 2018 and could impact as many as 500,000 students who were enrolled in the district between the 2008-09 and 2018-19 school years.

“Data security has become an increasing concern for public agencies, corporations and private citizens nationwide,” said Toren Allen, executive director of San Diego Unified’s Integrated Technology Department. “We are constantly reviewing our practices and systems in an effort to find efficiencies and to identify potential vulnerabilities.”

San Diego Unified has taken necessary steps to eliminate the threat to personal data and has implemented improvements to prevent such unauthorized access from reoccurring.

For more information, families and employees have been directed to visit www.sandiegounified.org/datasafety

109 thoughts on “SDUSD REPORTS MAJOR DATA BREACH
  1. Hi there mates, its fantastic paragraph on the topic of teachingand completely explained,
    keep it up all the time.

  2. Thank you for the auspicious writeup. It in fact was a amusement account it.
    Look advanced to more added agreeable from you! By the way, how could we communicate?

  3. I am curious to find out what blog system you are utilizing?
    I’m experiencing some small security issues
    with my latest site and I’d like to find something more safeguarded.
    Do you have any suggestions?

  4. Hi there, I discovered your web site by the use of Google even as
    searching for a similar subject, your site came up, it appears
    good. I’ve bookmarked it in my google bookmarks.
    Hello there, simply turned into alert to your weblog through Google, and located that it’s truly informative.
    I am going to be careful for brussels. I will appreciate in the
    event you proceed this in future. Numerous other people can be benefited out of your
    writing. Cheers!

    My blog post – sky1388 pc download

  5. Right here is the perfect blog for everyone who hopes to understand this
    topic. You know a whole lot its almost hard to argue with you (not that I personally will need to…HaHa).
    You definitely put a brand new spin on a topic that has been discussed
    for decades. Excellent stuff, just great!

    Also visit my site – joker888 apk free download

  6. Hello there! Do you know if they make any plugins to assist with
    SEO? I’m trying to get my blog to rank for
    some targeted keywords but I’m not seeing very good gains.
    If you know of any please share. Many thanks!

    Here is my blog post: joker123 game

  7. Whoah this blog is fantastic i like studying your articles.
    Keep up the great work! You recognize, lots of persons are looking
    around for this info, you can aid them greatly.

    Feel free to surf to my site :: Testolmax Pills

  8. Its like you read my mind! You appear to know so much about
    this, like you wrote the book in it or something. I think that you can do with
    some pics to drive the message home a bit,
    but instead of that, this is excellent blog. A fantastic read.
    I will definitely be back.

    Stop by my web site :: Skyline X Drone Reviews

  9. Thanks for some other informative website. Where else may I
    get that kind of information written in such a perfect way?
    I have a project that I am simply now running on, and
    I have been on the look out for such information.

    My homepage VitaSilk Review – Emerson,

  10. I don’t know whether it’s just me or if perhaps everybody
    else encountering issues with your blog. It appears
    as though some of the written text in your content are running off
    the screen. Can someone else please provide feedback and let me know if this is happening to them too?
    This could be a problem with my web browser because I’ve had
    this happen before. Many thanks

    Also visit my site download game lpe88 (918kiss-m.com)

  11. Saya akan segera genggam rss Anda karena saya tidak bisa untuk menemukan layanan email
    langganan hyperlink atau e-newsletter Anda. Apakah Anda punya
    punya? Mohon ijin saya menyadari agar saya boleh berlangganan. Terima kasih.

    Here is my web page – Www jokerapk

  12. I’m really impressed along with your writing skills as neatly as with the format
    in your weblog. Is that this a paid theme or did you modify it your
    self? Either way keep up the excellent high quality writing, it is uncommon to look a great blog like this one today..

    Also visit my web-site – epicwinapk (https://xe88-my.com/)

  13. Hi there would you mind sharing which blog platform you’re using?

    I’m looking to start my own blog in the near future but I’m having a difficult time deciding between BlogEngine/Wordpress/B2evolution and
    Drupal. The reason I ask is because your layout seems different then most blogs
    and I’m looking for something unique. P.S
    Apologies for being off-topic but I had to ask!

    Here is my web blog – calibet demo id

  14. Hi colleagues, how is the whole thing, and what you wish for to say regarding this post, in my view its actually amazing
    in support of me.

    Feel free to surf to my website … i1 sky1388

  15. Very nice post. I simply stumbled upon your blog and
    wished to say that I have really loved browsing your weblog posts.
    After all I will be subscribing in your feed and I hope you
    write again soon!

    My site … www lpe88apk

  16. Attractive component to content. I simply stumbled upon your web site and in accession capital
    to say that I get actually enjoyed account your blog
    posts. Any way I’ll be subscribing to your feeds and even I achievement you get
    right of entry to consistently quickly.

    Here is my web site: cara menang kiss918 [xe88sg.com]

  17. If some one needs expert view concerning blogging then i
    suggest him/her to pay a visit this web site, Keep up the nice job.

    Here is my website: Mega Arise Max Pills
    Jeffry,

  18. I seriously love your blog.. Great colors & theme.
    Did you make this amazing site yourself? Please reply back
    as I’m looking to create my own website and want to find out
    where you got this from or just what the theme is called.
    Thank you!

    my site – 918kiss 2 slot

  19. Please let me know if you’re looking for a article author for your
    blog. You have some really great articles and I think I would be a good asset.

    If you ever want to take some of the load off, I’d love to write some content for your blog in exchange for a link
    back to mine. Please blast me an e-mail if interested. Kudos!

    my page … xe88 promotion

  20. Attractive element of content. I just stumbled upon your website and in accession capital to claim that I get in fact loved account your weblog posts.
    Anyway I’ll be subscribing to your augment and even I fulfillment
    you access consistently rapidly.

    Feel free to visit my web blog PharmaLabs Keto Pills

  21. Hey! Would you mind if I share your blog with my facebook group? There’s a lot of folks that I think would really appreciate your content. Please let me know. Cheers

  22. fantastic submit, very informative. I ponder why the opposite experts of this sector do not realize this.
    You must continue your writing. I am sure, you have
    a huge readers’ base already!

    my blog post :: VitaSilk Lux – Isabell,

  23. I’m not sure why but this web site is loading extremely slow for me.
    Is anyone else having this problem or is it a issue on my end?
    I’ll check back later and see if the problem still exists.

    My web blog: Body Core Keto

  24. Thank you, I have recently been searching for information approximately this subject for a long time and yours is the greatest
    I’ve discovered till now. But, what about the conclusion? Are you certain concerning the source?

    My web-site … Nitro Strive Nitric Oxide Review (James)

  25. Thanks , I’ve just been searching for info approximately
    this topic for ages and yours is the best I’ve found out till now.
    But, what about the bottom line? Are you positive concerning the supply?

  26. May I simply say what a comfort to find someone that truly understands what they’re discussing online.

    You certainly understand how to bring a problem to light and make it
    important. More people must look at this and understand this side of your story.

    I can’t believe you are not more popular because you definitely have the gift.

    my website – Nutri Blendx Reviews

  27. Great ? I should certainly pronounce, impressed with your site.
    I had no trouble navigating through all the tabs as well as related info
    ended up being truly easy to do to access. I recently found what I hoped for
    before you know it at all. Quite unusual. Is likely to appreciate it for those who
    add forums or something, website theme . a tones way
    for your client to communicate. Excellent task.

    Look into my website :: http://www.craksracing.com

  28. Hey I am so glad I found your blog, I really found you by error, while I was looking on Digg for something else, Anyhow I
    am here now and would just like to say many thanks for a fantastic post and a all round enjoyable
    blog (I also love the theme/design), I don’t have time
    to read it all at the moment but I have book-marked it and also
    included your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the great
    work.

  29. I like the helpful information you supply to your articles.

    I will bookmark your blog and take a look at again right
    here frequently. I am somewhat certain I’ll be informed many
    new stuff right here! Best of luck for the following!

  30. I was recommended this blog by way of my cousin.
    I am no longer sure whether or not this put up is
    written via him as no one else understand such particular about my difficulty.
    You’re incredible! Thank you!

  31. It’s awesome to pay a visit this site and reading the views of
    all friends regarding this paragraph, while I am also zealous of getting knowledge.

  32. Hello there, You have done an excellent job. I will definitely digg it and personally recommend
    to my friends. I am confident they’ll be benefited from this
    web site.

  33. Great – I should certainly pronounce, impressed with your website.
    I had no trouble navigating through all tabs as well as related information ended up being
    truly easy to do to access. I recently found what I hoped for before you know it in the least.
    Quite unusual. Is likely to appreciate it for those who add forums or something,
    website theme . a tones way for your client to communicate.
    Nice task.

    My blog … NeoBio Keto Review

  34. I feel that is one of the such a lot significant info for me.
    And i’m satisfied studying your article.

    However wanna remark on few common issues, The site taste is perfect,
    the articles is really nice : D. Good job, cheers

  35. Excellent post. I was checking constantly this
    weblog and I’m inspired! Very useful information specially the ultimate part 🙂 I take
    care of such information much. I used to be looking for this particular information for a very
    lengthy time. Thanks and best of luck. cheap flights http://1704milesapart.tumblr.com/ cheap flights

  36. I was wondering if you ever considered changing the
    page layout of your blog? Its very well written; I
    love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better.

    Youve got an awful lot of text for only having 1 or 2 images.

    Maybe you could space it out better?

    Here is my site :: hemp oil

  37. Magnificent beat ! I wish to apprentice at the same time as you amend your web site, how could i subscribe for a weblog site?
    The account helped me a applicable deal. I
    have been a little bit familiar of this your broadcast provided vibrant clear idea.

    Here is my blog: eating habits

  38. I’ve been exploring for a bit for any high-quality
    articles or blog posts on this kind of space . Exploring in Yahoo
    I at last stumbled upon this website. Studying this information So i’m glad to
    exhibit that I have an incredibly just right uncanny feeling I discovered just what I needed.
    I such a lot for sure will make certain to don?t forget this site and provides it a glance regularly.

    Feel free to surf to my homepage :: rucame.club

  39. Hello there, just became aware of your blog through
    Google, and found that it’s truly informative.
    I?m gonna watch out for brussels. I will appreciate if you
    continue this in future. Numerous people will be benefited from your writing.
    Cheers!

    my web blog :: Alfonso

  40. Hello! I know this is kinda off topic however I’d figured I’d ask.
    Would you be interested in exchanging links or maybe guest authoring a
    blog article or vice-versa? My website addresses a lot of the same topics as yours
    and I believe we could greatly benefit from each other. If you are interested feel free to shoot me an e-mail.
    I look forward to hearing from you! Terrific blog by the way!

    Look at my page :: hatched seeds require

  41. Good day! This is my first visit to your blog!
    We are a team of volunteers and starting a new project in a community in the same niche.

    Your blog provided us useful information to work on. You have done a extraordinary
    job!

    Review my site :: talk-video.com

  42. I don’t even know how I ended up here, but I thought this post was great.
    I do not know who you are but certainly you’re going to a famous blogger if
    you are not already 😉 Cheers!

    Check out my page … man skin care

  43. Great – I should definitely pronounce, impressed with your website.
    I had no trouble navigating through all tabs as well as related info ended up being truly simple to do to access.
    I recently found what I hoped for before you know it at all.
    Quite unusual. Is likely to appreciate it for those who add forums
    or something, web site theme . a tones way for your customer to communicate.
    Nice task.

    Also visit my web blog; http://www.hltkd.tw/

  44. My spouse and i still cannot quite feel that I could end up being one of those reading the important ideas found on your website.

    My family and I are really thankful for your generosity and for presenting me the opportunity to pursue my own chosen career path.
    Thanks for the important information I obtained from your web site.

    my site … induce lucid

Leave a Reply

Your email address will not be published.