blue cross of new mexico data breach

Sweetwater Union High School District Data Breach Update

Updated on July 25, 2024

You may have recently received a letter from Sweetwater Union High School District (SUHSD), informing you that your personal information was compromised in a data breach that occurred in February 2023, but SUHSD is just telling you about it now. If you are a present or former employee, student, or family member of either an employee or student of SUHSD, you have important rights you may need to act to protect.

According to a June 2023 letter from the district, it claimed it discovered the breach on February 25, 2023 when it experienced network outages that disrupted online learning and other operations. The district hired a cybersecurity firm to investigate the incident and found that an unauthorized third party had accessed its network and encrypted some of its files.

SUHSD claims it later learned that the intruder had also exfiltrated data from its servers. The District has failed to disclose the precise nature of the data that was exfiltrated. However, considering the servers that would have been accessed, the person with unauthorized access took files that either included or could have included names, dates of birth, Social Security numbers, addresses, phone numbers, email addresses, student ID numbers, grades, transcripts, attendance records, discipline records, health information, and/or payroll information of current and former students and employees.

SUHSD refused to reveal how many people were affected by the breach and for what period of time, but according to its website, it serves over 39,000 students and employs over 4,000 staff members across 32 schools in Chula Vista, Imperial Beach, National City and San Diego. They are offering no money and only a free year of credit monitoring and identity theft protection service to those affected.

As a victim of this breach, you may want to take additional steps to protect your data and identity from people who may try to exploit it. Here are some tips on how to do so:

  • Check your credit reports regularly. You can get a free copy of your credit report from each of the three major credit bureaus (Equifax, Experian, and TransUnion) once a year at www.annualcreditreport.com. Look for any accounts or inquiries you don’t recognize and report them immediately.
  • Place a fraud alert on your credit files. A fraud alert tells creditors to verify your identity before opening any new accounts or making any changes to your existing accounts. You can place a fraud alert for free by contacting the three credit bureaus. The alert will last for one year and will be shared with the other two bureaus automatically.
  • Consider freezing your credit. A credit freeze prevents anyone from accessing your credit reports without your permission. This can stop identity thieves from opening new accounts in your name, but it may also prevent you from applying for credit, loans, or services that require a credit check until you unfreeze your account. You can freeze your credit for free by contacting each of the three credit bureaus individually. You will need to provide some personal information and create a PIN or password to lift the freeze when needed.
  • Monitor your bank accounts and statements. Review your transactions regularly and look for any unauthorized or suspicious activity. If you notice anything unusual, contact your bank or card issuer right away – particularly if you get notice of an unauthorized transaction — and report it as fraud. You may also want to change your passwords and PINs for your online banking and card accounts.
  • Beware of phishing emails and calls. Scammers may try to impersonate the District, the credit bureaus, or other legitimate entities and ask you for personal or financial information, such as your Social Security number, account numbers, passwords, or PINs. Do not respond to such requests or click on any links or attachments in unsolicited emails or texts. If you are unsure about the legitimacy of a communication, contact the sender directly using a verified phone number or email address.

The SUHSD data breach is a serious incident that exposed thousands of people’s personal information to potential identity theft and fraud. By following these steps, you can reduce the risk of becoming a victim and protect your data and identity from further harm.