South Orange County Community College District recently informed its community about a significant data security incident that may have involved sensitive personal information. On or around April 5, 2024, the district became aware of accidental unauthorized access to an internal SharePoint site by authenticated district personnel, allowing them to view files containing both student and employee personal data. In response to this incident, the district took immediate action by launching an investigation to assess the scope and nature of the breach, which was determined to have occurred for a limited period.
Following the investigation, SOCCCD conducted a thorough review of the impacted data to identify the types of information that may have been accessed. While specific details about the individuals affected were being gathered, the district worked diligently to obtain up-to-date contact information to ensure timely notifications could be sent. By August 13, 2024, the process was completed, and the district began notifying potentially impacted individuals about the event and the information that may have been compromised.
In their communication, SOCCCD highlighted their commitment to protecting the privacy and security of personal information. As part of their response, the district is offering complimentary credit monitoring and identity protection services through Cyberscout, a TransUnion company specializing in fraud prevention and remediation. This initiative aims to provide affected individuals with tools to help them monitor their credit and address any potential issues arising from the breach.
Additionally, SOCCCD encouraged individuals to remain vigilant against incidents of identity theft and fraud by regularly reviewing their credit reports and financial statements for any suspicious activity. They provided resources for individuals to monitor their accounts and suggested actions, such as placing fraud alerts or credit freezes, to enhance security. The district also established a dedicated call center to address any questions or concerns from the community, reaffirming their commitment to safeguarding personal information and maintaining the trust of their stakeholders.
Reference:
