The Tucson Unified School District (TUSD) recently experienced a cyber incident involving the Royal ransomware gang. Approximately 29,000 individuals had their private and confidential information leaked as a result of a ransomware attack earlier this year.
The Royal ransomware gang is known for targeting large corporations, government agencies, and private companies worldwide. The attack on the TUSD began in early 2023 and was only revealed to the public later in the year.
During a Governing Board Meeting, TUSD officials disclosed the data breach to the affected individuals and the public. The breach affected current and former employees, students, parents, and their dependents, making it a major breach of personal information.
Initial investigations revealed that the hackers only accessed a limited amount of information and did not have access to sensitive data. However, a follow-up investigation revealed that the breach may have compromised a larger number of individuals who had fallen victim to the extensive data breach.
Dr. Gabriel Trujillo, the Superintendent of TUSD, assured the public that no indications of data misuse had been found. The district meticulously reviewed approximately one million documents to ensure the identification of any instances of private and confidential information belonging to both past and present students and employees.
As a response to the breach, affected individuals will receive notification letters on August 25th, explaining the extent of the compromise and the subsequent steps for recourse. TUSD will also provide complimentary membership to an identity theft protection program for one year to support those impacted by the breach.
To address any concerns arising from the breach, TUSD has implemented a toll-free customer care number for all employees. The district is committed to responding to any issues promptly and has taken measures to enhance cybersecurity to protect sensitive data in the future.
In an effort to improve data security, TUSD has implemented a series of new rules. All documents and data uploaded to cloud platforms will undergo encryption to provide an additional layer of protection against unauthorized access. The district’s cloud infrastructure will maintain constant surveillance and respond promptly to potential threats, strengthening its defensive capabilities.
As a precautionary measure, TUSD has prohibited students from using flash drives to counter potential vulnerabilities that threat actors could exploit. Additionally, password policies have been strengthened, with a 16-character password requirement replacing the previous five-character threshold. Mandatory password changes every 90 days and integrated secondary authorization measures have also been implemented to enhance account security.
TUSD has made biannual cybersecurity training mandatory for all faculty and staff members to cultivate a more vigilant workforce and better prepare against potential threats. This comprehensive training program ensures that everyone can effectively tackle evolving security challenges.
The TUSD data breach serves as a reminder of the ever-present threat of cyberattacks and the importance of robust cybersecurity measures. By implementing new security measures and proactive training programs, TUSD aims to protect sensitive data and prevent future breaches.
(Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.)