CA School District Hit by Phishing Attack

CA School District Hit by Phishing Attack

Critical Insight undefined avatar

Critical Insight

from CI Security

A school district in California fell victim to a phishing attack. Databreaches.net posted a letter from Carmel Unified School District. In the letter dated March 8, 2019, the District stated, “An outside individual sent a ‘phishing’ email to certain District employees that resulted in unauthorized access to some District email accounts.”

Unfortunately, one of those accounts included documents containing employee information such as social security numbers, spouses’ and dependents’ social security numbers, birth certificates, and some sensitive medical information. This type of attack could lead to a FERPA violation for the district.

“An outside individual sent a ‘phishing’ email to certain District employees that resulted in unauthorized access to some District email accounts.Those documents may have contained employees’ or dependents’ information.”

— Carmel Unified School District, March 8, 2019, letter to employees 

Phishing Incidents Are Increasing

CI Security is seeing far more sophisticated phishing happening recently. That’s one of the reasons we use authentic Managed Detection and Response to limit the damage done by phishing. CI Security’s analysts are able to detect when an employee enters a password on an unencrypted site, a common phishing trick.

In a recent case, CI Security was able to catch a targeted phishing incident before the criminal did significant damage to a public agency.  

If you’re interesting in knowing more about how to use authentic MDR to combat phishing, send us a note.

Critical Insight contact background

Talk to one of our cybersecurity experts

245 4th St Ste 405Bremerton, WA 98337

Looking for careers?

View all job openings

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.