Cyber hack compromised personal data of all current, former students in Granite School District, district says
Dec 17, 2024, 7:37 AM | Updated: Dec 18, 2024, 2:07 pm
SALT LAKE CITY — After Granite School District said it suffered a cyber security “incident” that compromised the personal information of its employees, the district updated its initial statement Monday, revealing the data leak also impacted “all current and former Granite School District students.”
According to the district, it learned of the data leak on Sept. 20, when “suspicious activity on its network” was detected sometime between Sept. 11 and 25.
Superintendent Ben Horsley told KSL Newsradio, “upwards of 450,000 student records have been compromised.”
A district FAQ webpage on the incident said its “investigations thus far have determined that all current employees’ information was stolen.”
An investigation determined that “an unknown, unauthorized actor gained access to certain computer systems and accessed and/or acquired files stored on those computer systems.”
“Our insurance company is the one who directly worked with the attacker,” Horsley said. “This was an attempt for ransomware. They attempted to hold that information hostage.”
He said 15% of current and former student files contained social security numbers that were accessed. He said transcripts used to require social security numbers, so that’s why the district had them.
Names, addresses, phone numbers, any associated health information, grades and assessment results were also compromised in the leak.
The district said impacted individuals would be notified with an “individualized letter” detailing what information of theirs was affected. The letters, it said, were expected to be mailed by the end of December. The district was referring to the last known address they had on record for former employees.
“At this time we have no indication that anyone’s specific information was subject to actual or attempted misuse as a result of this incident,” the district said.
While the district worked to get the information out to those impacted, it provided a guide for parents in the interim with instructions on contacting credit bureaus or help with fraud alerts.
“Those pieces that we’ve been able to identify, again, as we confirm information, we’ve notified folks that potentially were impacted, even if those services weren’t widely available quite yet,” Horsley said. “We just wanted them to be aware and make sure that they were able to take proactive steps.
It was also working to review its policies, procedures and processes “related to the storage and access of personal information to reduce the likelihood of a similar future event.”
Horsley said passwords have changed and multi-factor authentication has been put into place.
The district said law enforcement was notified.
“FBI has been involved, the Cybersecurity Task Force and the State of Utah State Board of Education,” Horsley said. “We’ve made all those notifications and then they’ve been involved.”
This is a developing story. It may be updated.