Moreno Valley, Calif., Schools Report Data Breach

(TNS) — Moreno Valley Unified has warned its employees that sensitive information may have been shared with someone outside the organization.

“We are currently investigating a matter involving the accidental sharing of a folder that contained certain documents and information,” Superintendent Alejandro Ruvalcaba wrote in a June 6 email to all employees. “While we continue to determine the scope of information contained in the documents, we will proactively provide you access to credit monitoring and identity protection services early next week.”

He followed up midday Monday with another email to employees, according to records released to the Southern California News Group after a public records request. That email mostly provided details to district employees about access to a service to protect their credit and identity.

“We have received many questions regarding the type of information that was shared. We are working to determine that information,” the latter email from Ruvalcaba read in part.

The district had no further information, including whether student data had been compromised in the data breach, and had no public comment about the breach, according to district spokesperson Anahi Velasco.

School board President Sammie Luna did not respond to repeated requests for comment for this story.

According to the California Cybersecurity Integration Center, 38 of the state’s 2,286 public school systems suffered serious cyber attacks in 2023.

A January 2024 report from the center suggested those numbers are almost certainly an undercount and that, despite a legal requirement that school districts, county offices of education and charter schools report cyber attacks affecting more than 500 pupils or staff members to Cal-CSIC, many districts didn’t do so in 2023.

Moreno Valley Unified teaches more than 31,000 students, according to the California Department of Education.

The district isn’t alone in having cybersecurity issues:

• In 2019, San Bernardino City Unified had to rebuild about 300 computer servers after it suffered a cyber attack.
• In 2020, online instruction during the pandemic was interrupted after Rialto Unified’s servers were hit with malware.
• In 2022, cyber criminals threatened to release sensitive information about Los Angeles Unified students or employees if they weren’t paid a ransom.
• In 2023, Val Verde Unified confirmed it had suffered a data breach in 2022, and that unauthorized users had accessed sensitive information.

Cyber attacks on schools are getting more common. According to cybersecurity company Check Point Software, attacks against schools and colleges went up 37 percent in 2024 compared to 2023.

©2025 MediaNews Group, Inc. Distributed by Tribune Content Agency, LLC.