The Palo Alto Unified School District suffered a data breach on April 4, 2017, when an unauthorized party—later identified as a former vendor, Schoolzilla—gained access to its network. The incident exposed partial records of approximately 14,000 students, including names, addresses, birth dates, and test scores. While no financial or highly sensitive data (e.g., Social Security numbers) was compromised, the exposure of personally identifiable information (PII) posed risks such as identity theft, phishing, or targeted scams. The breach was discovered and reported on May 1, 2017, prompting remedial measures to secure the network and mitigate potential harm. The incident highlighted vulnerabilities in third-party vendor access controls and the importance of monitoring former service providers with lingering system privileges.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-67904
TPRM report: https://www.rankiteo.com/company/schoolzilla
"id": "sch033090625",
"linkid": "schoolzilla",
"type": "Breach",
"date": "4/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '14,000 students',
'industry': 'Education',
'location': 'Palo Alto, California, USA',
'name': 'Palo Alto Unified School District',
'type': 'Educational Institution (K-12)'},
{'industry': 'Education Technology',
'name': 'Schoolzilla',
'type': 'Vendor (Former)'}],
'attack_vector': 'Third-Party Vendor (Former Vendor - Schoolzilla)',
'data_breach': {'data_exfiltration': 'Potential (unconfirmed)',
'number_of_records_exposed': '14,000 (partial records)',
'personally_identifiable_information': ['names',
'addresses',
'birth dates'],
'sensitivity_of_data': 'Moderate (PII + educational data)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Educational Records']},
'date_detected': '2017-04-04',
'date_publicly_disclosed': '2017-05-01',
'description': 'The California Office of the Attorney General reported that '
'Palo Alto Unified School District experienced unauthorized '
'access to its network involving former vendor Schoolzilla on '
"April 4, 2017. Approximately 14,000 students' partial "
'records, including names, addresses, birth dates, and test '
'scores, were potentially exposed. The breach was reported on '
'May 1, 2017, and remedial actions have since been taken.',
'impact': {'data_compromised': ['names',
'addresses',
'birth dates',
'test scores'],
'identity_theft_risk': 'Potential (due to exposed PII)'},
'initial_access_broker': {'entry_point': 'Former Vendor (Schoolzilla) Access',
'high_value_targets': ['Student Records']},
'post_incident_analysis': {'root_causes': 'Unauthorized access via former '
'vendor (Schoolzilla)'},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to California '
'Office of the Attorney '
'General'},
'response': {'incident_response_plan_activated': True,
'remediation_measures': 'Remedial actions taken (unspecified)'},
'title': 'Unauthorized Access to Palo Alto Unified School District Network '
'via Former Vendor Schoolzilla',
'type': 'Data Breach / Unauthorized Access'}