Digital records of former and current students, alumni, parents and employees of one of the largest school authorities in the US may have been compromised in a hack.
“It appears the affected information has been contained and that none of it has been shared or sold,” the Dallas Independent School District said. “However, we cannot be 100% certain until additional forensic analysis is completed.”
A cyber-attacker accessed its network, downloaded information and temporarily stored it on an encrypted cloud storage site, from which it has since been removed, it added.
The data that leaked includes names, addresses, phone numbers, social security numbers, dates of birth, parent/guardian contact information, grades, and, for employees, dates of employment, salary information and reason for ending employment. The information goes back to 2010.
The authority said: “The confidentiality, privacy and security of information in our care is one our highest priorities. We take this matter very seriously and have invested significant resources to protect sensitive data.
“Despite our efforts, the district is now one of a growing number of public and private organisations experiencing cyber-attacks.”
It has contacted law enforcement agencies and, with the help of forensic consultants, has addressed specific vulnerabilities exploited during the attack and continue increasing security.
The authority said it regretted any inconvenience the incident may have caused and is notifying individuals whose records have been impacted. It is also offering 12 months of credit monitoring and identity theft protection services.
The Dallas Independent School District serves an area of 6.5m people and describes itself as the 16th largest public school district in the US.
PrivSec Global is back for another 2 information-packed days, featuring a series of brand new topics and themes.