Cyber Communications

Dear Tucson Unified Community,

As you are aware, our district joined an ever-growing number of U.S. school districts that have been targeted by cybercriminals when we experienced a sophisticated cybersecurity incident at the end of January. From the earliest moments of this incident, our team committed to providing updates as quickly as possible. In the spirit of full transparency and timely communication, we wanted to ensure that we are doing all that we can to provide you with the latest progress on this incident.

Recently, an external team of experienced cyber security professionals finalized an extensive review of documents and files containing personal information that were potentially accessed and/or acquired. The comprehensive nature of the investigative review of these files required a one by one review of approximately one million individual records over the past several months.

As this process has now concluded, the investigation identified approximately 29,000 people who had personal information potentially accessed and/or acquired. At this time, we are finalizing individual notification letters to those 29,000 potentially impacted people. The letters will list what personal information was identified during the investigation.

As a district, we are intent on continuing to support those whose information was potentially accessed and/or acquired. The individual notification letters provide the best guidance on steps that can be taken to protect against potential fraud. In addition to providing the individual notifications, we have set up a call center to help answer any questions you may have.

Maintaining the privacy and security of the personal information of those connected with TUSD is of the utmost importance to us, and we continually evaluate and modify our practices to enhance its security and privacy. I want to express my appreciation for your patience and support during this unprecedented cyber incident on our community as well as to extend our apologies for the inconvenience, stress, and anxiety the incident may have caused you and your loved ones.

Sincerely,

Dr. Gabriel Trujillo
Superintendent

Frequently Asked Questions

Cyber Communications

(1) What happened?

(2) I received a letter on the mail with a Sacramento, CA return address, is this letter legitimate? Is it a scam?

(3) Why does TUSD have my information?

(4) The incident happened in late January - why did it take so long for me to receive notification?

(5) I received a notification from TUSD about a security incident. Does this mean someone has misused or will misuse my information?

(6) I received a call or text from TUSD related to this security incident asking for my information. What should I do?

(7) Who is affected by this incident?

(8) What information of mine was involved?

(9) As a result of this incident, will I become a victim of identity theft?

(10) Should I close my credit or debit account?

(11) What is TUSD doing in light of this incident?

(12) How do I know if my information was involved in this incident?

(13) Does TUSD have any reports of actual misuse of the information as a result of this incident?

(14) What can I do to protect myself?

(15) Why did I not receive a notice about this incident?

(16) Is TUSD providing credit monitoring services?

(17) How do I enroll with the credit monitoring service?

(18) Can TUSD just register me in the credit monitoring product?

(19) How long do I have to enroll in the credit monitoring product?

(20) What is a fraud alert?

(21) How do I place a fraud alert on my account?

(22) How long does a fraud alert last?

(23) Will a fraud alert stop me from using my credit cards?

(24) Can I still apply for a credit card after I place a fraud alert on my credit report?

(25) How do I place a Security Freeze on my credit files and how much does it cost?

(26) What should I do if I find suspicious activity on my credit reports or have reason to believe my information is being misused?

(27) When I called to place a fraud alert, they asked for my Social Security number. Is this ok?

(28) How do I obtain a free credit report?

(29) I lost my notification. Can you provide a new one to me?

(30) I have experienced fraud on my card or debit card. What do I do?

(31) Is this matter related to the recent MoveIT cyber-incident?

(32) Do I have any legal recourse?

(33) Will we receive any additional information or update?

(34) The individual this letter is addressed to is deceased. What should I do?

(35) I have additional questions that cannot be answered. What should I do?

(36) I am with ______________________ (Media); can you provide me with further information about the recent data breach?