29,000 individuals’ personal, confidential information may have been breached in TUSD cyberattack

TUCSON, Ariz. (13 News) - Arizona’s second-largest school district has identified 29,000 individuals who may have had their private and confidential information stolen in January’s ransomware attack.

It’s been months since the hacker group known as “Royal” stole sensitive data from the Tucson Unified School District in a ransomware attack. During TUSD’s Governing Board Meeting, the public was finally able to hear from officials about the investigation and its findings.

When TUSD was first attacked, officials believed no sensitive information was accessed by the hackers. However, through investigation, it was discovered current and former employees, students, parents, and their dependents may have been victims of the data breach.

According to Dr. Gabriel Trujillo, Superintendent of TUSD, there is no evidence any data stolen from the hackers has been misused.

“An individual file-by-file review of around one-million individual documents was completed, searching for any employee or student past or current private, and confidential identifying information,” Dr. Trujillo said.

In response to the attack, TUSD had to restore computers, recover data and boost security measures.

“The technologies as you all note definitely changes,” Blaine Young, the Chief Operations Officer AT TUSD said. “It’s an ongoing journey. What has happened through this is our security posture has definitely been strengthened.”

The district says it’s making several improvements to make sure those on campus are engaging in ongoing district-wide cybersecurity communication.

• All documents and data uploaded to the cloud will now be encrypted.
• The cloud also offers 24-hour monitoring against any possible threats.
• Students will no longer be allowed to use flash drives.
• A stronger password will require users to have 16 characters instead of just five.
• Every 90 days all users will have to change their passwords and secondary authorization protection is also being added as an extra step to security.
• It will also be mandatory for all faculty and staff to attend cybersecurity training twice a year.

Tucson Unified is also working with the Arizona Department of Homeland Security to implement security safety measures.

Officials said by working and putting into effect Arizona’s Homeland Security programs will save the district around two-million dollars.

In addition, TUSD has started migrating information to the cloud which will transfer sensitive files such as student information, transportation routes, human resources information, student/teacher applications, and other data onto a cloud-based storage.

Officials said cloud-based storage is more secure and offers better protection from hackers.

“This is a good way to go, for the reasons I explain the security and the flexibility for the data and all our systems,” Rabih Hamadeh, the Executive Director of Technology Service at TUSD said. “This will be an ongoing transition and ongoing upgrade for this year as well.”

According to officials, those individuals who were part of the attack will receive a notification letter on Friday, August 25th.

In response, anyone who was a victim of the data breach will be offered complimentary membership to an identity theft program for one year. Details on how to obtain the membership will be included in the letters bein sent out.

TUSD is also offering a customer care toll-free number that will also be available for all employees to utilize starting Wednesday, August 23rd.

The district hopes by making these improvements in its overall cyber security will help keep sensitive data protected for years to come.

Be sure to subscribe to the 13 News YouTube channel: www.youtube.com/@13newskold.

Copyright 2023 13 News. All rights reserved.