San Diego Unified School District has disclosed a data breach exposing Personal information of around 500,000 staff and students.
On Friday in a statement San Diego Unified School District revealed that the hackers gained unauthorised access to their network services and databases via a phishing campaign.
Hacker has access to school networks between January and November 2018. The exposed data contained student information dating back to 2008-09 school year.
The information which were accessed by the hacker are:
- Personal details of students and staffs such as names, date of birth, mailing address, home address, telephone number, Social Security Number and/or State Student ID Number.
- Student enrollment information such as schedule, discipline incident information, health information, school(s) of attendance, transfer information, legal notices on file, attendance data.
- Personal information Student and staff parent, guardian and emergency contact.
- staff benefits information such as health benefits enrollment information, beneficiary identify information, dependent identity information, savings or flexible spending account information.
- staff payroll and compensation information, to include: viewable paychecks and pay advices, deduction information, tax information, direct deposit financial institution name, routing number and account number, salary and leave information.
According to breach notice, the staff became aware of the incident on october and decided not to disclose it to continue the investigation to find out the culprit.
“It was necessary for our investigation to not immediately tip off those responsible that we were aware of their activities. We are notifying any potential victims now because that phase of the investigation is over. However, our full investigation continues.”
You may be interested in reading:New Variants of Shamoon Disk-Wiping Malware Uploaded to VirusTotal