MCCCD Board member Pearson says whistleblower denied due process
Miguel Corzo gave three decades of his professional life to the Maricopa County Community College District, and on Tuesday the Governing Board gave him his pink slip. Corzo, one of the whistleblowers in the District’s IT department was made the scapegoat by the administration.
MCCCD Governing Board member Debra Pearson said she was ashamed to be a part of the administration’s decision. “I was willing to resign from this board because of this, rather than be guilty of association with the crap that’s gone on here,” said Pearson.
After keeping the public in the dark for months, finally in 2013, District officials announced the data breach, which put at risk 2.4 million students and staff members.
Under the leadership of Chancellor Dr. Rufus Glasper, the District has spent tens of millions of dollars when according to sources, had they listened to the warning of Corzo and Earl Mansour the security breach could have been easily avoided.
According to Corzo, the MCCCD administration is holding him responsible for failing to do a job that wasn’t his to do and holding him responsible for systems, which were not under his control.
According to the administration, Corzo was aware of a document created by the security consulting firm of Stach and Liu, that was hired to help uncover the full extent of the incident, identify mitigation strategies and attempt to identify if any data had been taken, but did not make the administration aware of the report.
However, according Martin (Marty) Gang, who was employed by MCCCD, and is now the Assistant Vice Chancellor Information Technology / CISO, at the Yosemite Community College District, Corzo not only had not seen the document, but Corzo’s supervisor; George Kahkedjian, “firmly stated that he did not want to involve individuals who had no responsibility for the compromised systems.” Gang wrote, “That meant that Steve Creswell, Miguel Corzo, Jon Clark and Keli Cole were not provided a copy of the report.”
Gang wrote the Board the email, dated July 20, 2014, after he received the news that the administration intended to terminate the employment of Miguel Corzo and because “MCCCD may have incorrect or flawed information.”
The Governing Board has appeared to be willing to operate on incorrect or flawed information. The majority of the Board have asked few questions in public and everything is being handled behind closed doors in executive sessions.
In January 2011 a “security incident” was identified involving the main Maricopa web server, according to Gang. Authorities discovered that a known hacker site was offering login account information for sale from MCCCD. “The main web server was seriously compromised, all the way down to root access,” Gang advised the Board in his email.
In 2013 when the second and larger breach took place, Corzo was no longer assigned to any supervisory or database duties.
“I went above and beyond to save [the school] from this embarrassment,” he told the Governing Board on Tuesday night. “We warned the organization not once, not twice, but over 12 times in 2012 alone. Now, the same employee who warned them is being thrown under the bus,” Corzo pleaded with the Board. “I am shocked and ashamed of the behavior of the administration. I don’t understand the need to make me a scapegoat, a sacrificial lamb,” he pleaded before the Board.
His pleas fell on deaf ears. The Board president Dana Saar, who has carried the water for Glaspar, told Pearson that her comments were out of line when she accused the District of violating Corzo’s due process rights.
The Board then voted 3-2 to terminate his employment. Three decades of loyal employment.
Supporters are urging Corzo to pursue a wrongful termination lawsuit against the District.