TUSD superintendent finally speaks out following cyberattack

Tucson Unified School District continues to investigate a crippling cyberattack.
Published: Feb. 3, 2023 at 12:15 PM MST
Email This Link
Share on Pinterest
Share on LinkedIn

TUCSON, Ariz. (KOLD News 13) - In a conference call with reporters on Thursday, Feb. 2, Tucson Unified School District Superintendent Dr. Gabriel Trujillo said some of the district’s computers and networks are still not fully functioning following a cyberattack.

Trujillo did say investigators have found no evidence that any personal or confidential information was stolen.

“There is no evidence that any confidential, personal, employee or student data has been extracted, taken or stolen from the network,” Trujillo said. “In the spirit of transparency, if this does change, we will promptly and immediately notify first and foremost, our employees who would be most affected by this kind of breach, then our parents, and then of course, the media and the wider community.”

The district still cannot confirm how the attack started. Trujillo said the district wants to be cautious in acknowledging how the breach happened in case it is still being monitored by the responsible party.

TUSD Chief Technology Officer Blaine Young said that the district’s security measures were in good standing at the time of the attack. The district had updated its systems in response to its original 2018 audit.

“We have strengthened our password, both in complexity and other things,” Young said. “We’ve also made changes to make sure that anybody departing the district for whatever reason, that day, those credentials are disabled.”

Trujillo added that this attack may have been prevented if the district’s current system was entirely cloud-based. The district runs on a hybrid model in which some servers are on their premises while others are in the cloud.

“As long as you have systems of operation that are tied to old-school land-based servers, an organization is going to be susceptible to these types of attacks,” Trujillo said.

But he recognizes that changing the entire system to the cloud would cost millions of dollars, which the district currently does not have.

The district could not comment on the exact cost of the repairs but emphasized they are covered through their insurance plan with the Arizona Risk and Retention Trust.

“There is no portion of this at this particular time, cost wise it’s been borne by the district’s maintenance and operation budget,” Trujillo said.

Going forward, the district hopes this incident will urge Arizona lawmakers to provide more capital funding for cybersecurity.

“We need the funds necessary to make sure that our infrastructure in our security measures are deep enough, strong enough, proactive enough to keep these cyber invaders out of our networks,” Trujillo said.

The district hopes to have all computers and networking working at full capacity by early next week.