Duneland School Corporation gave a “notice of data security incident” on Thursday.
The school Corporation said they are committed to protecting the privacy of the information they maintain. They are in the process of notifying current and former employees, as well as beneficiaries and dependents of those employees, of an incident that involved some of their information.
Duneland School Corporation stated the following:
“This notice describes the incident, measures we have taken, and some steps that our current and former employees, as well as beneficiaries and dependents, may consider taking in response.”
We identified a security incident on October 27, 2021 that resulted in the unavailability of certain systems within our computer network. We immediately began to investigate, contacted law enforcement, a cybersecurity firm was engaged, and steps were taken to address the incident and restore operations. We also implemented additional safeguards and technical security measures, including multi-factor authentication for all user accounts, to further protect the data we maintain.
Through our investigation, we determined that an unauthorized person obtained access to the Duneland systems between October 21, 2021 and October 27, 2021. After further investigation, we discovered that certain files may have been acquired by the unauthorized person. We thoroughly reviewed those files and determined that they contained information relating to our self-insured health plan and general employment records, including individual names, dates of birth, Social Security numbers, driver’s license numbers if they were provided to us, and benefits information.
On December 23, 2021, we began notifying individuals whose information was involved in the incident. We recommend that all current and former employees, and the beneficiaries and dependents of those employees, remain vigilant for signs of unauthorized activity by reviewing any statements that they receive relating to their health insurance. If they identify any charges or activity that they did not authorize, please contact the insured or provider immediately.
We have also arranged for all current and former employees, beneficiaries, and dependents whose information was involved in the incident to receive a complimentary membership to Kroll Identity Monitoring. This product helps detect possible misuse of an individual’s information and provides the individual with credit monitoring, fraud consultation, and identity theft restoration services. If you are a current or former employee, or the beneficiary or dependent of a current or former employee, and would like more information on Kroll Identity Monitoring, including instructions on how to activate your complimentary membership, please call our dedicated call center at 1-855-545-2516, Monday through Friday, between 9:00 a.m. and 6:30 p.m., Eastern Time, excluding major U.S. holidays.”