San Diego District Breach Derails Data of More than 500,000 -- THE Journal

Breaking News

San Diego District Breach Derails Data of More than 500,000

By Dian Schaffhauser
01/10/19

In late December, families in the San Diego Unified School District were notified of a data breach launched through successful phishing emails. The number of affected people totaled more than 500,000, according to the district. A phishing email is an online scam in which a message appears to be from a legitimate source to encourage recipients to click on a link that enables criminals to fraudulently capture the information provided.

The school system estimated that before it was discovered the viewing and copying of some of the personal data had gone on for nearly a year, beginning in January 2018. The incident was uncovered in October by internal IT staff investigating a flurry of phishing emails, which were used to gather log-in information of some 50 staff members throughout the district.

According to the district, school police have also identified a "subject of the investigation" and have blocked stolen credentials.

Among the data exposed:

Student and staff names, birth dates, addresses and phone numbers;
Enrollment information, including discipline incident, health and attendance data;
Social Security numbers and state student ID numbers;
Emergency contact information;
Staff benefits details, such as beneficiaries and dependents and savings or flexible spending account information; and
Payroll and compensation information, including paychecks and direct deposit and tax details.

The data file containing student information dated back to the 2008-2009 school year.

District police and IT staff reported that they've identified the methodology used to breach district systems. All staff members whose accounts were compromised had the security on their accounts reset immediately upon discovery. Additional data security measures have been implemented to help prevent these types of occurrences from happening in the future, they said.

All individuals affected by the breach have been notified by letter and advised to set up identity theft alerts and take advantage of free credit reporting.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

E-Mail this page

Printable Format

Featured

Quizizz Rebrands as Wayground, Announces New AI Features

Learning platform Quizizz has become Wayground, in a rebranding meant to reflect "the platform's evolution from a quiz tool into a more versatile supplemental learning platform that's supported by AI," according to a news announcement.
New National Academy for AI Instruction to Provide Free AI Training for Educators

In an effort to "transform how artificial intelligence is taught and integrated into classrooms across the United States," the American Federation of Teachers (AFT), in partnership with Microsoft, OpenAI, Anthropic, and the United Federation of Teachers, is launching the National Academy for AI Instruction, a $23 million initiative that will provide access to free AI training and curriculum for all AFT members, beginning with K-12 educators.
Survey: AI Shifting from Cloud to PCs

A recent Intel-commissioned report identifies a significant shift in AI adoption, moving away from the cloud and closer to the user. Businesses are increasingly turning to the specialized hardware of AI PCs, the survey found, recognizing their potential not just for productivity gains, but for revolutionizing IT efficiency, fortifying data security, and delivering a compelling return on investment by bringing AI capabilities directly to the edge.
Nonprofit LawZero to Work Toward Safer, Truthful AI

Turing Award-winning AI researcher Yoshua Bengio has launched LawZero, a nonprofit aimed at developing AI systems that prioritize safety and truthfulness over autonomy.