Records reveal scope of Sweetwater Union High School District data breach

pMenuppCHULA VISTA KGTV â New records reveal how widespread a data breach was at the Sweetwater Union High School DistrictppInformation given to ABC 10News through a request from the California Public Records Act shows more than 22000 people were affected by the breach and the district paid a ransom to the alleged hackersppIt was in February 2023 when ABC 10News first learned of what was called an âincidentâ affecting internet access at the district At the time parents and employees were the ones to first share that informationppA February 14 text from the district spokesperson to ABC 10News confirmed the information technology system outageppThe district sent a letter dated June 23 to local news outlets about the incident At that time the school year was over and it was more than four months after the system outageppIt confirmed an unauthorized person gained access to the districts computer networkppFollowing a CPRA request filed June 24 ABC 10News received hundreds of documents from the district at the end of SeptemberppAn email dated May 13 2023 from a law firm to at least two district officials stated 12522 people who will require notification about the breach âincluding 12293 who had their Social Security number impacted and will be offered credit monitoringâppIt also said âIn addition 9842 students were identified as having had name date of birth andor email address impactedppIn a section titled âIncident Descriptionâ there were more details revealed about the incidentppâOn February 12 2023 SUHSD discovered that its email was inoperable After investigating SUHSD discovered that 20 of its servers were encrypted and ransom notes were found on 81 servers and several printersâppAccording to the document the initial ransom demand was 15 million âPayment to the treat actor in the amount of 175000 was completed on March 2 2023â the email statedppNumerous employees told ABC 10News the district did not give them any idea on the scope of the breachppEmployee Michelle Beale acted right after she found out about the February incident even though details were scarce at the timeppâI got the foresight when we first got wind to freeze our credit and luckily we did because inquiries had been made in my husbands credit to try to open accounts in his nameâ Beale saidppCybersecurity expert and University of San Diego professor Nikolas Behar said incident response can take several days but school districts should be prepared for any scenarioppâIts really important for organizations to have a plan to respond to incidents because if they dont have a plan then somethings going to happen and theyre not going to know exactly what to doâ Behar saidppBehar said federal law requires publicly traded companies to notify affected parties of material data breaches within days but he said that same law does not apply to the education sectorppThe district is facing a classaction lawsuit over this incident In response to the legal action attorneys representing Sweetwater filed a demurrer saying the plaintiffs failed to state âsufficient factsâ or âmeet the high bar necessary to allege a constitutional invasion of privacyâppABC 10News asked for a followup interview from the school district inquiring if everything was resolved with the breach and if the superintendent would be available for an interview about security measures A spokesperson responded saying the district does ânot have an update to shareâppâThe district is paying for one year of credit monitoring Thereafter who has to pay for that credit monitoring We doâ Beale saidppTo help protect your information cybersecurity experts encourage you to use twofactor authentication and utilize strong passwords If you are affected by a breach check not only your credit but also your childrenâs creditppp