Hacker Steals Ten Years Worth of Data From San Diego School District

A hacker has stolen the personal details of over 500,000 San Diego Unified School District staff and students, the district revealed in a breach notice posted on its website Friday. From a report: The breach occurred because the attacker gained access to staff credentials via a tactic known as phishing -- sending authentic-looking emails that redirect users to fake login pages were attackers collect login credentials. The attack didn't go unnoticed. Some staff reported the funny-looking emails to IT staff, who investigated and eventually discovered the breach in October this year. District officials said the hacker had access to its network between January 2018 and November 1, 2018, but that he stole student and staff data going back to the 2008-2009 school year.

Re:What is of real value?

[jwhyche]

Names, Addresses, Social Security Numbers, phone numbers, etc etc etc. Any of this information is useful to identity thieves. It really doesn't mater how old it is as long as it can be used to link someone to something at some time. Some things like social security numbers and names never change. Things like past addresses and phone numbers can be used to link someones identity over time.

I'm kind of surprised a school hasn't been hit yet. I would imagine compared to banks and credit unions they would be soft targets security wise.