A cyberattack earlier this month at Maricopa County Community Colleges will delay the start of classes until March 29, while students and staff are being advised by interim Chancellor Steven Gonzales to not talk with media about the matter because it could delay efforts to fully bring the systems back online.
“Please understand, anything you share with the media could have an impact on the work out IT experts are doing to resolve the situation and is not helpful,” Gonzales wrote Sunday about the cyberattack discovered March 16.
The MCCCD is comprised of nearly 200,000 students across 10 colleges with support from 10,000 faculty and staff members. On Monday, the district notified students that the forensic investigation has “not found any evidence that any student information, such as social security numbers, educational information or financial data, was compromised at this time.”
Gonzales’ March 21 message admitted college officials have no timetable for when access will be fully restored, but promised further information will be released “in the coming days.” In the meantime, he asked those affected by the outage give the IT experts “time to focus on these solutions.”
He also acknowledged the staff’s frustration and desire for additional details, but noted the sharing of more details will only be done when safe to do so.
“While not ideal, it is critical to getting our systems back online in a safe and secure manner,” Gonzales wrote.
According to Gonzales, the IT department initially identified suspicious network activity on March 16. What that suspicious activity consisted of has not been publicly revealed, but it triggered what he called “our incident response protocols” which included disconnecting external access to the network and taking the systems offline.
IT professionals, including forensic and recovery specialists, were then engaged to assist in figuring out what happened and to develop a plan to resolve the outage, Gonzales wrote.
“We are working with our forensic partners to ensure our systems are secure so we can reestablish connectivity and resume business as usual,” the message states.
MCCCD’s seven-member governing board has not met since the data breach was discovered, and a meeting scheduled for Tuesday was cancelled. But when they do finally convene, it will not be the first time officials have had to deal with a cyberattack.
In November 2013, the district admitted that months earlier the FBI reported finding the names, banking information, and social security numbers of more than 2 million people – including MCCCD vendors, students, and staff dating back nearly three decades- for sale on the internet.
The 2013 breach eventually cost the district more than $26 million, much of it paid to law firms and a credit monitoring service to resolve lawsuits. Many of the people impacted by the data breach were upset that college officials kept quiet about the FBI’s discovery for seven months.
Nearly half of the district’s IT staff was later fired, put on leave, or transferred to other positions by administrators who longtime employees publicly accused of ignoring recommended system improvements following a 2011 hack involving a few hundred employees.