Dallas school district admits SSNs and more of all employees and students since 2010 accessed during security incident
The Dallas Independent School District — one of the biggest school districts in the United States — has released an advisory saying the personal data of students and employees was accessed and downloaded during a “data security incident.”
The school district serves more than 150,000 students and said in a notice that any student, employee, parent or contractor with the school district since 2010 is affected by the incident. When asked by ZDNet whether this was a cyberattack, the school district would not say.
The district received notice of the data security incident on August 8 and said federal law enforcement agencies are now involved in the effort to address what happened.
Although the investigation is still ongoing, they believe someone accessed the school district’s network, downloaded data and temporarily stored it on an encrypted cloud storage site.
The notice claims the data has been “removed from the site” but does not explain how this was done, whether the data was put somewhere else or sent to someone else.
Data that the school district is allegedly “required by law to maintain” was exposed during the attack, including the first and last names, addresses, phone numbers, social security numbers and dates of birth for current and former students, employees and parents.
Some students even had information about their custody status and/or medical condition exposed during the attack.
For employees and contractors, the hackers also gained access to their dates of employment, salary information and reason for ending employment.
“Despite our efforts, the district is now one of a growing number of public and private organizations experiencing cyberattacks,” the school district said.
“The district’s IT team, assisted by forensic consultants, has addressed specific vulnerabilities that were exploited during this event and will continue efforts to augment security going forward. We regret any inconvenience this incident may have caused and believe it is our responsibility to inform the public that we are taking steps to notify individuals whose records have been impacted.”
The district will be updating a website with information about the attack and said anyone who would like to sign up for free credit monitoring should call (855) 651-2605.
The hotline is being run by identity protection technology company Kroll, which the Dallas Independent School District hired to manage the aftermath of the attack.
The school district said it would be providing more specific information about what data from each person was accessed and would be sending it to Kroll, which could then let people know if they call the hotline.
Kroll is offering victims just 12 months of credit monitoring and ID theft recovery services. The school district is creating a website that allows victims to enter their information to access credit monitoring. Victims can also call to activate the monitoring. The credit monitoring website will be available to victims on September 10.
“We continue to investigate and remediate this incident. The district is conducting a comprehensive review of its systems and implementing additional security measures. We are confident these changes will decrease the possibility of a future incident,” the district statement explained.