The Monterey Peninsula Unified School District has been notifying current and former employees of a data security incident that they discovered on or about November 1. They do not explain how they became aware that their network may have been subject to unauthorized access. W
In their notification, a copy of which was submitted to the California Attorney General’s Office, Ryan Altemeyer, Associate Superintendent of Business Services writes that on December 10, 2021, the district determined that files containing certain personal information on employees were present in the potentially impacted network locations. Although they had no evidence of any misuse of information as of December 21 (the date of their notification letter), the investigation did reveal that the information included first and last names as well as Social Security numbers, medical information, and financial account information.
The notification makes no mention of any student information being involved. Nor does it indicate the number of employees being notified.
The district is continuing to investigate the incident and has offered those potentially affected 12 months of credit monitoring and identity protection services through Cyberscout.