San Diego USD Hacked, 10 Years’ Worth of Data Stolen

Officials say that a hacker gained access to the personal information of over 500,000 San Diego Unified students and staff.

San Diego Unified School District experienced a data breach of the personal information going as far back as the 2008-2009 school year.

Personal data of more than 500,000 students and staff was stolen, reports Health Security.

Using a targeted phishing attack through what appeared to be authentic emails, the hacker collected the necessary login credentials to access the personal data.

Over an 11-month period, the hacker gained access to the names, dates of birth, Social Security numbers, mailing and home addresses, phone numbers, health information and legal notices of students and staff members.

About 50 district employees also had their login credentials stolen during the initial attack. Accompanied by the San Diego Unified Police, officials were able to identify the hacker and reset all accounts.

The breach was discovered by officials in October when staff reported the questionable emails to IT staff. However, the hackers remained on the system throughout the investigation, according to ZdNet.

“It was necessary for our investigation to not immediately tip off those responsible that we were aware of their activities,” officials posted in a breach notice.

Victims of the cyber-attack have now been notified since the first phase of the investigation is complete. The full investigation is on going.

“All individuals affected by the data breach have been notified directly. If a representative from San Diego Unified has not spoken with you directly about the issue, we do not have any evidence your data was altered or affected,” officials said. “Regardless of whether or not you received a notification, we still recommend that you contact credit reporting agencies to notify them of the breach of your information”

For those affected by the attack and who want to make sure they are protected in the future, the notice recommends:

  • Setting up an identity theft/fraud alert
  • Getting free information from your state
  • Ordering a free credit report through cred reporting agencies

More information can be found here.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Katie Malafronte is Campus Safety's Web Editor. She graduated from the University of Rhode Island in 2017 with a Bachelor's Degree in Communication Studies and a minor in Writing & Rhetoric. Katie has been CS's Web Editor since 2018.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ