CA: Centinela Valley Union High School District notifying employees and students of malware incident
On June 22, 2021, some Centinela Valley Union High School District computer systems were infected with malware that encrypted the data on those machines. We quickly identified and contained the malware, began to restore access to data, and launched an investigation with the assistance of a cybersecurity firm.
What Information Was Involved?
On July 8, 2021, the investigation determined that an unauthorized person accessed computer systems that store data pertaining to current and former employees and students, including names, Social Security numbers, financial accounts, health insurance information, and/or medical information. While we have no evidence that your personal information has been stolen or misused, our investigation thus far has not been able to rule out that possibility.
Read their full notification to California’s Attorney General here: https://oag.ca.gov/system/files/CVUHSD%20-%20Notification%20Letter%20Sample.pdf. They do not disclose who the threat actor(s) were and this incident has not appeared on any dedicated leak site so far.
A notice to community members is prominently leaked from the district’s web site home page.
In 2019, the same district reported a breach involving a phishing attack for W-2 forms. It is not clear from the current disclosure whether the attackers gained a foothold by a phishing incident or via some other means.