Nearly two weeks after notifying parents and families that the San Diego Unified School District was the subject of an unknown cybersecurity incident, the district updated employees that files containing their personal information was included in the breach.
In a letter shared with NBC 7 by district employees Wednesday, Dennis Monahan, the district's Executive Director of Risk Management & Captive Insurance stated that "while the investigation is still ongoing, that certain files stored on San Diego Unified systems were taken by an unauthorized party."
The investigation to this point "determined that the data involved includes personal information of many current and former employees who have been employed with the district since 2020," Monahan added.
San Diego News
Get San Diego local news, weather forecasts, sports and lifestyle stories to your inbox. Sign up for NBC San Diego newsletters.
The district said they would be issuing notification letters to impacted employees, which would include information about free membership to credit monitoring services.
SDUSD still has released very few details about the actual incident, but said they took steps to "secure our network, to launch an investigation, and to prevent any disruptions to IT operations." The district added, "critical systems" were still operational and there was no impact on their safety and emergency mechanisms at any schools or offices.
Law enforcement officials were also notified to assist with an investigation, as has a team of cybersecurity experts, the district previously confirmed.
While SDUSD has not confirmed whether or not the stolen employee records were the totality of the breach, federal agencies have warned criminal ransomware groups have targeted U.S. school districts in recent months with extortion demands and predicted the trend would continue throughout the school year.
The Los Angeles Unified School District was the target of an attack in September. The district said a hacker infected their computer networks with malicious software, locking up files and demanding a ransom payment. Thousands of files were stolen and then leaked on the dark web.
Cybersecurity attacks have also affected healthcare systems, including the local UC San Diego Health and San Ysidro Health systems.
Additionally, in a November 7 report filed with the California Attorney General's office, the Sweetwater Union High School District reported it discovered on one occasion in late September and a second instance in early October, there was unauthorized access to the Google Workspace accounts for some of its adult education students.
According to the state Attorney General office's website, "California law requires a business or state agency to notify any California resident whose unencrypted personal information, as defined, was acquired, or reasonably believed to have been acquired, by an unauthorized person."'
