Tucson Unified School District administration said it is taking โessential steps to secure our network and ensure confidential information remains safe.โ
The written statement, issued Tuesday night, was the districtโs first substantial comment about a data security incident since reporting it Monday morning. The statement did not directly answer questions posed to TUSD on whether any personal information about the districtโs more than 42,000 students and 7,000-plus employees was compromised.
TUSD officials have declined to answer any questions about the incident, including the kind of data stored in the districtโs network services. Superintendent Gabriel Trujillo cited direction from lawyers as the reason for not commenting further as the investigation continues.
Here is the Tuesday night statement, unsigned by any administrator in particular, in its entirety:
โProtecting the security and privacy of personal information is of the utmost importance to Tucson Unified School District.
โEarly Monday morning we experienced a data security incident, which impacted some of our systems. Upon learning of the issue, we immediately commenced an investigation and began working with national external cybersecurity experts who regularly analyze these types of incidents. The forensic investigation is in its early stages and is ongoing. We appreciate the patience of our community as we take essential steps to secure our network and ensure confidential information remains safe.
โTUSD schools are fully functioning and students have access to the tools they need to continue their learning and stay on track. We greatly appreciate our staff working with us to develop alternative learning plans and using hotspots, as needed until the systems are fully restored.
โTucson Unified School District is taking this matter very seriously and continues to take significant measures to protect the information that we maintain. We apologize for the inconvenience; we will provide updates as the investigation and restoration process continues. We appreciate your patience and understanding as we work to get all systems back to normal.
โThank you. TUSD Leadershipโ
Margaret Chaney, president of the Tucson Education Association, said earlier Tuesday she believes some of the employee information stored in the districtโs network includes phone numbers, addresses, Social Security numbers, and certification and disciplinary records. She added that more sensitive material, like student medical records, is likely stored in different servers.
โIโm not so concerned about that because I know that the district is well aware of the issues that are ongoing with that ... and theyโre doing whatever they can to keep that safe, Iโm sure,โ Chaney said.
Some TUSD students were circulating a photo on social media of a message that schools throughout the district allegedly received Monday through school printers. The message in the photo stated the districtโs systems โwere hit by Royal ransomware.โ
Royal, according to the Australian Cyber Security Centre (ACSC), is a โransomware variant that is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organizations worldwide.โ
Once the attackers hack into the victimโs network, ACSC states, they encrypt the victimโs data, lock the network in an unusable format, and demand a ransom to return access to the sensitive files.
