An attacker sent spear-phishing to SDUSD personnel with the intent of trick
them into revealing credentials to access the district’s network services.
The attacker accessed personal information of student and staff, including
names, dates of birth, mailing and home addresses, telephone numbers, social
security numbers and/or state student ID numbers.
The hacker also accessed schedule, health data, schools of attendance, transfer
information, recorded legal notices, and attendance data.
Exposed info include data about the students’ parents or guardians,
emergency contacts of the district’s employees and staff benefits information
(health benefits enrollment information, beneficiary identify information,
dependent identity information, savings or flexible spending account
Both students and employees had Social Security numbers exposed, the hacker also accessed for some staff paychecks, salary and direct deposit information, routing and account numbers, deduction information, tax information.
The district discovered the data breach in October, but did not immediately
alert affected people because “it was necessary for our investigation to
not immediately tip off those responsible that we were aware of their
activities.” The breach is believed to date back to January 2018, this
means that the hacker accessed the information for 12 months.
The investigation is still ongoing and affected people are being notified
via email, according to the SDUSD the law enforcement identified a subject of the investigation and blocked
all stolen credentials.
In response to the incident, the staff members whose accounts were
compromised had their passwords reset. SDUSD announced the implementation of
extra security measures to avoid such kind of incident in the future.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.