Dear ·¬ÇÑÊÓÆµapp Unified Community,
As you are aware, our district joined an ever-growing number of U.S. school districts that have been targeted by cybercriminals when we experienced a sophisticated cybersecurity incident at the end of January. From the earliest moments of this incident, our team committed to providing updates as quickly as possible. In the spirit of full transparency and timely communication, we wanted to ensure that we are doing all that we can to provide you with the latest progress on this incident.
Recently, an external team of experienced cyber security professionals finalized an extensive review of documents and files containing personal information that were potentially accessed and/or acquired. The comprehensive nature of the investigative review of these files required a one by one review of approximately one million individual records over the past several months.
As this process has now concluded, the investigation identified approximately 29,000 people who had personal information potentially accessed and/or acquired. At this time, we are finalizing individual notification letters to those 29,000 potentially impacted people. The letters will list what personal information was identified during the investigation.
As a district, we are intent on continuing to support those whose information was potentially accessed and/or acquired. The individual notification letters provide the best guidance on steps that can be taken to protect against potential fraud. In addition to providing the individual notifications, we have set up a call center to help answer any questions you may have.
Maintaining the privacy and security of the personal information of those connected with TUSD is of the utmost importance to us, and we continually evaluate and modify our practices to enhance its security and privacy. I want to express my appreciation for your patience and support during this unprecedented cyber incident on our community as well as to extend our apologies for the inconvenience, stress, and anxiety the incident may have caused you and your loved ones.
Dr. Gabriel Trujillo
As a result of a sophisticated cybersecurity incident, TUSD discovered that an unauthorized actor accessed portions of their network.
Upon learning of this issue, TUSD contained the threat, notified law enforcement and commenced a prompt and thorough investigation with external cybersecurity professionals experienced in handling these types of incidents. After an extensive forensic investigation and manual file review, we discovered on July 21, 2023 that the files that were potentially accessed and/or acquired on or around January 20, 2023 contained some personal information.
TUSD wants to make you aware of the situation and provide you with guidance on how you can protect yourself.
If you have provided personal information over the phone or clicked on the links in a fraudulent email, we recommend reviewing the information contained in the notification letter you received that discusses ways in which you can take steps to protect your information.
- Enroll in the credit monitoring services offered at no cost to you.
- You should always remain vigilant in reviewing your financial and credit/debit card account statements for fraudulent or irregular activity on a regular basis.
- You may consider placing a fraud alert and/or security freeze on your credit file.
- You may order a free credit report.
- If applicable to you, you should follow the general practices provided in your notice letter that can help protect you from medical identity theft.
Activate the credit monitoring provided as part of your IDX identity protection membership. The monitoring included in the membership must be activated to be effective. Note: You must have established credit and access to a computer and the internet to use this service. If you need assistance, IDX will be able to assist you.
P.O. Box 9554
Allen, TX 75013
P.O. Box 2000
Chester, PA 19016-2000
|Equifax Security Freeze
P.O. Box 105788
Atlanta, GA 30348
|Experian Security Freeze
P.O. Box 9554
Allen, TX 75013
|TransUnion Security Freeze
P.O. Box 160
Woodlyn, PA 19094
In order to place the security freeze, you’ll need to supply your name, address, date of birth, Social Security number and other personal information. After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.
If your personal information has been used to file a false tax return, to open an account or to attempt to open an account in your name, or to commit fraud or other crimes against you, you may file a police report in the City in which you currently reside.
If you do place a security freeze prior to enrolling in the credit monitoring service as described above, you will need to remove the freeze in order to sign up for the credit monitoring. After you sign up for the credit monitoring service, you may refreeze your credit file.
- Media outlet
- Contact information (both phone and email)
- Nature of inquiry
IF PRESSED FOR ADDITIONAL INFORMATION: I’m sorry, but I’ve given you all the information I have at this time and will need to have a spokesperson follow up.