The California Office of the Attorney General reported a data breach involving Carmel Unified School District on March 8, 2019. The breach occurred on January 5, 2019, due to a phishing email that resulted in unauthorized access to employee email accounts, affecting personal information such as social security numbers and medical documents for unspecified individuals.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-145289
TPRM report: https://www.rankiteo.com/company/carmel-unified-school-district
"id": "car712072825",
"linkid": "carmel-unified-school-district",
"type": "Breach",
"date": "1/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Education',
'location': 'California',
'name': 'Carmel Unified School District',
'type': 'Educational Institution'}],
'attack_vector': 'Phishing',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security Numbers',
'Medical Documents']},
'date_detected': '2019-01-05',
'date_publicly_disclosed': '2019-03-08',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Carmel Unified School District on March 8, '
'2019. The breach occurred on January 5, 2019, due to a '
'phishing email that resulted in unauthorized access to '
'employee email accounts, affecting personal information such '
'as social security numbers and medical documents for '
'unspecified individuals.',
'impact': {'data_compromised': ['Social Security Numbers',
'Medical Documents'],
'systems_affected': ['Employee Email Accounts']},
'initial_access_broker': {'entry_point': 'Phishing Email'},
'post_incident_analysis': {'root_causes': 'Phishing Email'},
'references': [{'date_accessed': '2019-03-08',
'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at Carmel Unified School District',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}