Cedar Rapids school staff information potentially stolen in cybersecurity breach
Cybersecurity incident July 2, disrupted school district’s operations, led to summer school being canceled for one week earlier this month
Cedar Rapids Community School District’s Educational Leadership and Support Center, 2500 Edgewood Road NW, on Wednesday, March 21, 2012, in Cedar Rapids. (Gazette file photo)
Cedar Rapids schools Superintendent Noreen Bush (Cedar Rapids Community School District)
CEDAR RAPIDS — Staff information was stolen from the Cedar Rapids Community School District earlier this month in a cybersecurity breach.
The data potentially included staff members full name, Social Security number, driver’s license number, bank account and routing number, medical information including diagnosis and treatment information or health insurance information, according to a letter mailed to staff — shared with The Gazette — dated July 22.
The Cedar Rapids Community School District has 3,500 employees.
“Unauthorized access” to school district networks was detected July 2, as a result of a cybersecurity incident that disrupted the district’s day to day operations, according to the letter signed by Linda Noggle, executive director of talent management at the Cedar Rapids Community School District.
The district canceled its summer school the following week from July 5-8, impacting more than 750 children enrolled in programs.
District officials have not responded to questions from The Gazette regarding the nature of the cybersecurity breach, including if it was a ransomware attack to extort payment.
All authorized access to district networks has been disabled and an investigation is being conducted by the district with external cybersecurity professionals, according to the letter.
The breach disrupted some operations for four business days, according to an email shared with The Gazette to staff from Superintendent Noreen Bush last week. The district is continuing to work to get certain systems up and running.
The investigation is ongoing.
According to the letter to staff, the cybersecurity incident resulted in “potential exposure of data.” The unauthorized individual removed certain files from the network that may have contained some staff data.
As of now, district officials have no evidence indicating any stolen information has been used for identity theft or financial fraud, according to the letter.
The district is providing impacted staff members access to Single Bureau Credit Monitoring services at no charge. The services provide users with alerts for 12 months when charges occur to the user’s credit file, the letter states.
The district also is providing staff with proactive fraud assistance to help with questions staff members may have or if they become a victim of identity theft. Services will be provided by Cyberscout through Identity Force, a TransUnion company specializing in fraud assistance and remediation services.
In the letter, Noggle suggests staff place a fraud alert or security freeze on their credit files or obtain a free credit report and review financial account statements and credit reports on a regular basis for fraudulent or irregular activity.
“With our recent cybersecurity event, our incredible teams worked around the clock to help us respond to this,” Superintendent Noreen Bush said in the email to staff. “Our staff members are truly public servants, and this is just another example of your dedication — like your response to the COVID-19 pandemic, the derecho and the flood.
“I am in awe — during each event — of how our staff responds,” Bush continued. “Regardless of the challenges we face, we bring the same passionate, dedicated response to the community.
Comments: (319) 398-8411; grace.king@thegazette.com
Gloss