SAN DIEGO (KGTV) – Thousands of families in the San Diego Unified School District getting a big heads up in a notice sent out on Thursday, a cybersecurity threat hitting the school district.
Sai Huda is a cybersecurity expert and runs a San Diego company, CyberCatch, that specializes in combating cyber-attacks on school districts.
He said the ramifications of one of these attacks could be massive given that schools have years upon years of personal info on students, families and staff.
"Now they can sell it on the Dark Web and commits identity theft for all of these young that might not see the impact for many years,” Huda said.
But Huda said others could see the impact right away.
"When they apply for a student loan or the parent has to supply the information for a student, that's when they find out the parent's identity has been stolen, or the student's identity has been stolen,” Huda said. “Credit's ruined, and all of sudden, they're like, 'what do we do now?'"
San Diego Unified told staff and families in a notice once it learned of the incident, the district locked down the network, launched an investigation and let law enforcement know what was happening. It also prevented any disruptions to IT operations. While the district didn’t say what kind of threat it was, SDUSD's also said the threat did not impact safety and emergency measures at district schools and offices while all critical systems are still operational.
Out of an abundance of caution, the district changed staff passwords and is in the process of changing students' passwords.
"Really, the school's got to step back and really take a deep dive and make sure this doesn't happen again,” Huda said.
In a notice to staff and families, Dr. Lamont Jackson, Superintendent of SDUSD, said, “We want our students and the San Diego Unified community to know that we place a high value on maintaining the integrity and security of the data we hold in our systems, and we are working diligently to complete our investigation of the incident.”
This isn't the first time San Diego Unified has been targeted.
In 2018, the district revealed a phishing attack had put hundreds of thousands of students' and staff's personal information at risk.
And a couple of months ago, Los Angeles Unified's network was hit by a ransomware attack that disrupted computer systems for days, with some personal information stolen.
For Huda, he believes this can happen again if serious steps like installing the federal NIST Cyber Framework aren't taken.
"Once the attacker gets in, frankly, it's a little too late, and it's probably going to happen again. So, you got to make sure there aren't any back doors that the attack may have left because they can come back and double dip in six months or a year,” Huda said.
A spokesperson for SDUSD said it'll provide more information once the investigation is complete. San Diego Unified also said in the coming days, staff will work on getting new passwords for students on a schedule set up by SDUSD.
