Maricopa Security Breach

The rest of the story


MCCCD mismanagement leads to $4 million fine

MCCCD mismanagement of national service funds leads to a Justice Department investigation that ultimately lands MCCCD with a $4 million fine. The whistleblower in this case was not punished, however it took government intervention for the MCCCD Administration to be exposed.  Even then, they continue to use taxpayer dollars to pay a $4 million fine without accepting any responsibility.

In a similar case of whistleblowing, several FTC complaints have been filed against MCCCD regarding the MCCCD security breach.  This was the largest breach in Education in the country and another case of mismanagement and scapegoating of employees. This breach impacted over 2 million people. In this case, the whistleblower was punished and the administration continues to deny any responsibility, a costly pattern of behavior.

The most recent FTC complaint was filed by EPIC, a non-profit organization based out of Washington, DC.  It alleges violation of the Safeguard Rules, another apparent case of mismanagement at MCCCD that could result in more hefty fines and public embarrasment. The security breach has cost Maricopa taxpayers upwards of $20 million and the court cases are in their infancy. A class action lawsuit of over $6 billion dollars representing all those impacted by the breach is now in Federal court. Other lawsuits will follow.
Read More


The Vice-Chancellor of IT knew about the breach – Letter to the organization

The MCCCD Administration has repeatedly said in the press that they did not know how extensive the 2011 breach was.  They go on to say that they were never told how significant this breach was.  Furthermore, they seem to be set in their ways to blame the very same employees that warned them well in advance of the 2013 incident.  The following letter was sent in March 2011 from Vice-Chancellor of IT George Kahkejian to the entire Maricopa Community. It appears that he was very well aware of the details, the magnitude, the involvement of a consulting firm and many other aspects of the investigation.  It is hard to believe that the Chancellor did not see this email. It was sent to ALL MCCCD employees. It is hard to believe that Chancellor Rufus Glasper did not communicate with Mr. Kahkejian in a matter of such importance where even the FBI was involved. The MCCCD Administration is in denial and looking for a scapegoats.  If only they had done what they said they would.

GeorgetoMaricopa2011 (1)
See timeline of events for this security breach from 2011 to 2014 


The Chancellor was informed of security risks – IT Grievance released

One of the biggest kept secrets have finally been released by MCCCD to the media. There are others but this one is important because it establishes that the MCCCD Administration (Rufus Glasper) was warned well in advance of the 2013 incident that security vulnerabilities existed and had not been addressed. ITS employees had to file an official grievance to let Chancellor Rufus Glasper and the Governing Board know that the identity of millions of people was at risk.  The IT Grievance was sent to the Chancellor by then MAT (Union) representative Kerry Mitchell on behalf of IT employees in October 2013.  Follow-up messages (to be posted later) were sent to Glasper but no action on the grievance was ever taken.

ABC 15 reports in this TV story what they learned from the IT Grievance.

14a – 10-2012 Email from Kerry and Cecilia to Dr Glasper on Grievance


Cash balance at MCCCD swells

Chuck Vaxter, a faculty members in the Business Department at Glendale Community College, has uncovered some interesting facts about how much money MCCCD has managed to take from taxpayers and students over the years and put away as cash balance. Now, MCCCD is asking taxpayers and students for even more money in the wake of security incident that they could have prevented.  MCCCD is a $1.5 Billion dollar a year organization.

MCCCD is facing multi-million dollar lawsuits for their negligence regarding the 2013 security breach.  The Administration with the support of a few Board members is plotting a conspiracy against the same employees who warned them that a security breach was imminent.  MCCCD is trying to cover up an event that impacted the entire community. They are terminating one employee after another to avoid assuming responsibility.  To make things worse, the Administration is using this event to ask taxpayers and students to pay for improvements to IT and other areas.  MCCCD is proposing a tax hike and tuition increase.






MCCCD Employees respond to Mr. James Bowers request for documents

Here is the response letter that both Mr. Monsour and Mr. Corzo sent to Jim Bowers by 5pm on 3/4/2013.

Mr Bowers, Interim VC of HR for MCCCD, demanded that Mr. Corzo and Mr. Monsour turn over “possession of highly sensitive and confidential information and documents proprietary to Maricopa Community College District”  & “documents that contain sensitive information about the district’s network”.

Neither Mr. Monsour or Mr. Corzo were in charge of the Network at MCCCD at the time of the 2011 or 2013 incidents. They don’t have any documents containing sensitive information about the district network.  These documents reside with the network team at MCCCD and the Director in charge of the network infrastructure.  Mr. Monsour has been on medical leave since Fall 2012 and Mr. Corzo has never been in charge of the MCCCD network.  These letter is retaliatory in nature and another attempt at intimidating employees. This is one of the reasons why ITS has lost nearly 50% of their staff since 2011.

Mr. James Bowers
Interim Vice Chancellor Human Resources
Maricopa County Community College District

Mr. Bowers;

This letter responds to your February 28, 2014, letter demanding that I turn over “possession of highly sensitive and confidential information and documents proprietary to Maricopa Community College District.”  Without more specificity as to the documents you seek, I am unable to provide you with any documents.

Read More