On September 3, this site reported on a breach involving Dallas ISD in Texas. As noted at the time, details were lacking. But now their external counsel has provided notification to the Maine Attorney General’s Office and so we now know more:
The breach, which reportedly occurred on June 8, impacted 795,497 individuals.
[Note that the beginning of September, the district’s statement was that they had “recently received notice” of a data security incident. According to their external counsel’s report to Maine, the breach was discovered on August 8. The district’s statement of October 1, embedded below, appears to claim that the incident occurred on August 8. Their October 1 statement also omits other details that they had previously released, and readers may want to review our earlier reporting on this incident where it was reported that the incident potentially affected anyone who was a student, contractor, or employee between 2010 and the present.
So was this a ransomware incident or wasn’t it? We still do not know for certain. Does the district know?
10-1-21 Dallas ISD Media Notice of Cybersecurity Breach of District Data FINAL(259930394.1)