On August 19, 2021, the California Office of the Attorney General disclosed a data breach affecting Fresno Unified School District, initially detected in March 2021. The incident involved missing storage media containing sensitive personal information, including names and Social Security numbers (SSNs) of an undisclosed number of individuals. While there was no evidence of theft, unauthorized access, or misuse of the data, the loss of physical media posed a potential risk of exposure if acquired by malicious actors. The breach did not involve cyber intrusion, ransomware, or confirmed data exploitation, but the unaccounted storage device raised concerns over unauthorized disclosure of personally identifiable information (PII). The district took steps to notify affected parties and implement safeguards, though the full scope of the impact such as whether employees, students, or third parties were affected remained unclear. The incident highlighted vulnerabilities in physical data security protocols within educational institutions handling sensitive records.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-544083
TPRM report: https://www.rankiteo.com/company/fresno-unified-school-district
"id": "fre039091825",
"linkid": "fresno-unified-school-district",
"type": "Breach",
"date": "3/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Education (K-12)',
'location': 'Fresno, California, USA',
'name': 'Fresno Unified School District',
'type': 'Educational Institution'}],
'data_breach': {'data_exfiltration': 'No (media was lost, not stolen)',
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['Names',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High (includes SSNs)',
'type_of_data_compromised': ['Personal Information']},
'date_detected': '2021-03',
'date_publicly_disclosed': '2021-08-19',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Fresno Unified School District. The breach, '
'discovered in March 2021, involved missing storage media '
'containing personal information, including names and Social '
'Security numbers. There was no evidence of theft or misuse, '
'and the number of individuals affected is unknown.',
'impact': {'data_compromised': ['Names', 'Social Security Numbers'],
'identity_theft_risk': 'Potential (no evidence of misuse)'},
'investigation_status': 'Closed (no evidence of misuse)',
'post_incident_analysis': {'root_causes': ['Lost/missing storage media '
'containing sensitive data']},
'references': [{'date_accessed': '2021-08-19',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['California Data Breach '
'Notification Law '
'(likely)'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General'},
'title': 'Fresno Unified School District Data Breach (2021)',
'type': 'Data Breach (Lost/Stolen Media)'}