San Diego School District Falls Victim to Massive Data Breach -- Campus Security Today

San Diego School District Falls Victim to Massive Data Breach

More than half a million students, parents and staff members had their personal information exposed in a data breach in 2018.

By Sydny Shepard
January 03, 2019

More than 500,000 students, parents and staff members of San Diego Unified School District are dealing with the repercussions of having their data exposed in a breach that happened in 2018.

In December, San Diego Unified tweeted that an investigation led by their police and IT departments shined light on a breach that allowed an unauthorized user access to a district database.

The school district says it has notified all those who may have been affected via email.

The breach, which was discovered in October but could have happened any time before that in 2018, may have exposed a range of information including names, birth dates, addresses and Social Security numbers. Student information including schedules, disciplinary records and health details also could have been accessed.

The breached database also included parent and emergency contact information as well as staff member’s banking information plus payroll and benefit information.

San Diego Unified said the information dated back to the 2008-09 school year and encompassed more than half a million people. Even though the school district knew there had been a breach, they decided to wait until December to publicly announce it “to not immediately tip off those responsible that we were aware of their activities.”

The IT department believes the breach was made through a phishing scheme, in which victims are tricked into revealing confidential information through a deceptive email.

Tim Erlin, VP of Product Management at Tripwire, suggests setting up systems that allow you to have a complete understanding of who has been in your databases and can alert you when it sees a change.

“Phishing remains a major avenue for initial compromise. When planning security controls, it’s important to consider not only what an attacker might do, but also what an attacker with authorized access might do,” Erlin said. “In order to identify authorized, but malicious activity, it’s vitally important to have complete and comprehensive logs from all your systems. Detecting changes, and building a process for separating the good from the bad, can also be effective.”

Investigators are still trying to determine who is responsible for the breach.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Shooter Detection Systems Joins Partner Alliance for Safe Schools to Strengthen School Safety Efforts
04/08/2024
Parents are Part of School Security, Too
03/19/2024
Enhancing School Safety
03/15/2024
Access Control Trends
03/14/2024

Featured

California School District Modernizes Surveillance System

i-PRO Co., Ltd. (formerly Panasonic Security), a provider of professional security solutions for surveillance and public safety, recently announced that the Murietta Valley Unified School District (MVUSD) in Riverside County, CA, has undertaken a project to modernize its first-generation surveillance system to new high-resolution i-PRO network cameras, and the i-PRO Video Insight video management system (VMS). Read Now
- Video Surveillance
RAD Makes History with First Robotic Dog Deployed to Taylor Police Department

Robotic Assistance Devices, Inc. (RAD), a subsidiary of Artificial Intelligence Technology Solutions, Inc., recently announced that it has delivered a RADDOG LE to the Taylor, Michigan Police Department. The delivery of RADDOG LE to the Taylor Police Department marks a historic moment in the integration of technology within law enforcement. This milestone underscores RAD’s commitment to revolutionizing the landscape of security and public safety through cutting-edge AI-powered, robotic solutions. Read Now
- Facility Security
Passing the Test

The discussion about secured access and access control for higher education and K-12 is continuously expanding and evolving. That is a good thing. The more knowledge we gain and the more solutions that become available, linked and interoperable, the better and higher the level of security and safety. Read Now
- Access Control
Driving a Major Shift

One of the driving forces for change has been the high demand for unified solutions. Users are asking their vendors for a way to manage all their security systems through a single interface, from a single pane. This has led to a flurry of software development to seamlessly integrate access control systems with video surveillance, intrusion detection, visitor management, health monitoring, analytics with artificial intelligence (AI), and more. Read Now
- Video Surveillance

Webinars

Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Eagle Eye Networks Inc, Evolv Technology

Shooter Detection: The First Line of Defense
Hanwha Techwin, Salient Systems, Evolv Technology, Omnilert, Eagle Eye Networks Inc, Traka ASSA ABLOY, i-PRO Americas Inc., Digital Watchdog, IPVideo Corporation, ProdataKey

Exploring Multiple Facets of Campus Security Summit
SparkCognition

How Visual AI Is Transforming the Conventional School Safety Model

Whitepapers

Metrasens

Case Study | Creating a Welcoming and Safe Experience for School Events
ProVision

Guide to Body Cameras for Campus Security
Omnilert

Guide to Evaluating Gun Detection Technology