The stolen data potentially included staff members' full names, Social Security numbers, driver's license numbers, bank account and routing numbers, and medical information including diagnosis and treatment information or health insurance information, according to a letter mailed to staff — obtained by The Gazette — dated July 22.
The Cedar Rapids Community School District has 3,500 employees.
"Unauthorized access" to school district networks was detected July 2 as a result of a cybersecurity incident that disrupted the district's day-to-day operations, according to the letter signed by Linda Noggle, executive director of talent management at the Cedar Rapids district. The district canceled its summer school the following week from July 5-8, impacting more than 750 children enrolled in programs.
District officials have not responded to questions from The Gazette regarding the nature of the cybersecurity breach, including if it was a ransomware attack to extort payment.
All authorized access to district networks has been disabled and an investigation is being conducted by the district with external cybersecurity professionals, according to the letter.
The breach disrupted some operations for four business days, according to an email to district staff last week from Superintendent Noreen Bush, which was shared with The Gazette. The district is continuing to work to get certain systems up and running and the investigation is ongoing.
According to the letter to staff, the cybersecurity incident resulted in "potential exposure of data." The hacker removed certain files from the network that may have contained some staff data. But as of now, district officials have no evidence indicating any stolen information has been used for identity theft or financial fraud, according to the letter.
The district is providing impacted staff members access to credit monitoring services at no charge. The services provide users with alerts for 12 months when charges occur to the user's credit file, the letter states.
The district also is providing staff with proactive fraud assistance to help with questions staff members may have or if they become a victim of identity theft. Services will be provided by Cyberscout through Identity Force, a TransUnion company specializing in fraud assistance and remediation services.
In the letter, Noggle suggests staff place a fraud alert or security freeze on their credit files or obtain a free credit report and review financial account statements and credit reports on a regular basis for fraudulent or irregular activity.
"With our recent cybersecurity event, our incredible teams worked around the clock to help us respond to this," Bush said in her email to staff. "Our staff members are truly public servants, and this is just another example of your dedication — like your response to the COVID-19 pandemic, the derecho and the flood.
"I am in awe — during each event — of how our staff responds," Bush continued. "Regardless of the challenges we face, we bring the same passionate, dedicated response to the community."
©2022 The Gazette (Cedar Rapids, Iowa). Distributed by Tribune Content Agency, LLC.
