Over 500k students and workers have been affected by this incident
Personal information belonging to more than
500k employees and students from the academic institutions of San Diego,
California, could have been stolen by malicious actors, as reported by cybersecurity
experts from the International Institute of Cyber Security.
Through a statement, the San Diego School District
reported that this incident, described as an “unauthorized access”, was carried
out through a simple phishing campaign in which the access keys of about 50
employees were compromised in several schools last January. Cybersecurity
personnel from academic institutions took about 10 months to detect the
incident.
In the case of the European Union’s General Data Protection Regulation
(GDPR), it is required that the organizations report this kind of incidents
within the next 72 hours to their discovery. On the other hand, U.S.
legislation about data breaches establishes that organizations can apply for a time
extension to conduct their own research, as reported by cybersecurity experts.
Apparently, one of the responsible individuals
has already been identified, and all the compromised access credentials have
been dismissed, although this does not mean that the attackers have not been
able to access personal information stored by the schools.
According to cybersecurity specialists, compromised
data include full names, birth dates, social security numbers, California State
student identification keys, parent/guardian data, payroll information of
school staff, and even tax details and salary information. Many of these data
could be of great use to some cybercriminal.
Several security firms reported that over one
million children in the United States were victims of identity fraud during
2017, resulting in losses of around $2.6M USD. According to experts in
cybersecurity, given the limited or null financial records that a child has, it
is very easy for criminals to open fake bank accounts on behalf of the infants,
among other similar activities.
In this incident also highlights the importance
of phishing for cybercriminals, since, according to estimates of multiple
security signatures, phishing is a common element in most data breaches,
because about 90% of these incidents start with fraudulent email campaigns.
