Within hours of DataBreaches.net reporting litigation against Maricopa County Community College District (MCCCD) and statements by employees claiming that MCCCD is attempting to cover up its lax security by blaming employees, two (other) employees have started publicly revealing more details. Greg Argos of CBS5 (KPHO) reports that the two have come forward with documents to support their claims that MCCCD knew about security problems years before the breach:
“In late January of 2011, one of our employees had been searching the web and found Maricopa Community Colleges out there. Someone reportedly had our information for sale,” said Earl Monsour. At the time Monsour was the Director of Strategic Information Technologies at Maricopa County Community Colleges.
“There were actually viruses on our web servers,” he continued.
Miguel Corzo, another Director of Strategic Information Technologies, made this analogy about the 2011 breach:
“It is like having someone that you know come into your house to try to steal something from your home. Then (you) come back into your house and find out that nothing was missing. However, you knew someone was there and somebody had the potential to cause damage,” Corzo said.
Both men say they were assigned to fix the problem discovered in January 2011.
“What did both of you do?” asked CBS 5’s Greg Argos.
“My job was to report to the Vice Chancellor the status of the information. I did that. We continually told the Vice Chancellor what was happening,” said Monsour.
George Kahkedjian is the Vice Chancellor of ITS for MCCCD. Monsour said he delivered an internal report, titled ‘ITS Oversight Report’ to Kahkedjian in November of 2011 that discussed the security issues and stated the server had been hacked.
“In November of 2011, I created an oversight report that stated there had been no progress. (The server) was still a risk. It was a high risk and it could be critical to Maricopa (County Community Colleges),” Monsour said.
“And this was given to the department head?” asked CBS 5’s Greg Argos
“It was given to the Vice Chancellor,” responded Monsour.
Read more on KPHO. The employees’ statements to KPHO are consistent with what other employees told DataBreaches.net, cited in our coverage earlier today, including the statement by “Anonymous” that the IT department told management that they needed to wipe the server but MCCCD did not allow them to.
According to Argos’s report, both the employees he interviewed are now facing disciplinary action, and possible termination by the district. The employees who spoke with DataBreaches.net are not currently employed by MCCCD, which means at least four employees are all pointing fingers at MCCCD, who has tried to blame IT staff for “substandard” work that contributed to the 2013 breach.
MCCCD provided KPHO with the following statement:
“The Maricopa Community Colleges cannot respond publicly to these allegations. Based on the findings of an independent professional investigator, MCCCD initiated disciplinary action against several employees. Before action was recommended, each employee was afforded an opportunity to respond to the findings with additional information and perspective. Each employee requested and is entitled to a hearing before a final decision is made, and each has requested such a hearing. Advocates for some employees have attempted to make these personnel matters into public political issues: they have requested that the board stop the hearing process for these employees. However, MCCCD owes all affected employees a decision that is not influenced by publicity and politics. We cannot respond publicly to the allegations made by the advocates. The truth or falsity of those allegations will be tested in the hearing process, where all the evidence can be considered in context by an independent tribunal.”