Maricopa Security Breach

The rest of the story

By

MCCCD mismanagement leads to $4 million fine

MCCCD mismanagement of national service funds leads to a Justice Department investigation that ultimately lands MCCCD with a $4 million fine. The whistleblower in this case was not punished, however it took government intervention for the MCCCD Administration to be exposed.  Even then, they continue to use taxpayer dollars to pay a $4 million fine without accepting any responsibility.

In a similar case of whistleblowing, several FTC complaints have been filed against MCCCD regarding the MCCCD security breach.  This was the largest breach in Education in the country and another case of mismanagement and scapegoating of employees. This breach impacted over 2 million people. In this case, the whistleblower was punished and the administration continues to deny any responsibility, a costly pattern of behavior.

The most recent FTC complaint was filed by EPIC, a non-profit organization based out of Washington, DC.  It alleges violation of the Safeguard Rules, another apparent case of mismanagement at MCCCD that could result in more hefty fines and public embarrasment. The security breach has cost Maricopa taxpayers upwards of $20 million and the court cases are in their infancy. A class action lawsuit of over $6 billion dollars representing all those impacted by the breach is now in Federal court. Other lawsuits will follow.
Read More

By

MCCCD kept Oracle security reports from staff

The truth no one ever heard until now!
Oracle Security Report Not Shared

It looks like people with inside information into the Security Breach at MCCCD are now starting to disclose new information to the media that was never shared before. This recent post by Databreaches.net points to MCCCD hiding information (Oracle Corp. security assessment) from its own employees and the public for plausible deniability in litigation. Critical vendor reports were never shared with the staff in 2008, 2011 and 2013.

http://www.databreaches.net/did-mcccd-leadership-shut-their-eyes-to-a-database-security-assessment-for-plausible-deniability-in-litigation/

Oracle security assessment - mcccd

Millions are being spent defending against the largest security breach in the history of higher education. All of it could have been avoided had the MCCCD Administration shared with its own staff technical reports from Oracle they knew about. The identity of several million people has been stolen when according to the report from Databreaches.net, the organization withheld critical information that could have prevented it.  Furthermore, this information from Oracle Corp. may still be an internal secret to most of the employees at MCCCD who are trying to secure the system after the 2013 breach.

By

Call for FTC to intervene | MCCCD Security Breach

A new article was recently published in Databreaches.net that calls for a congressional inquiry of the MCCCD security breach. The breach at MCCCD exposed the identity of 2.5+ million people for life. It could have been avoided as clearly shown in this timeline of events.

The MCCCD administration was warned multiple times by their employees and members of the community.  They chose to ignore all warnings and scapegoat employees.  Even at this juncture, MCCCD may still be at risk as disclosed in recent Governing Board minutes. If the 2011-2013 warnings were not enough, the MCCCD Administration and Governing Board still refuse to meet with employees and address remaining security issues presented to them as recently as April 2014.

MCCCD Breach

Largest Security Breach in Education

In a recent development, the FTC has file a complaint against Wyndham Hotels for failure to protect consumer personal information. The MCCCD security breach is much larger than the Wyndham case and it goes to show that when it comes to consumer protection and privacy of information it does not matter whether an organization is private or public.

MCCCD is now dealing with a $6.25 billion class action lawsuit, the threat of potential bankruptcy, disgusted Board Members, future issues with bond ratings, employee attrition, drop in enrollment worth millions, stonewalling of the mediadamage to its reputation in the community and millions of taxpayer dollars being wasted in lawyers.  Whether education or private sector, a security breach is a security breach.  If the FTC plans to hold those in private industry accountable, they should do the same in all industries.
Read More

By

Class Action Lawsuit Filed | Billions sought | Millions affected

It is now official, a $6.25+ Billion class action lawsuit have been filed against MCCCD.
Gallagher and Kennedy has filed a class action lawsuit against MCCCD for the 2011 and 2013 security incidents.

 

 

Number of clients represented: 2.5 million
Counts:  Negligence, Negligence on Anti-identification Procedures, Negligence on Notification of Breach of Security System, Breach of Fiduciary duty, Bailment, Breach of the Right of Privacy.
Damages: $2500 per client x 2.5 million people + other damages
This could be very damaging to the future of affordable education in Arizona.
This could have severe implications to jobs at MCCCD.

By

Grievance escalated to Board – MCCCD still at risk

The email below was recently sent to the MCCCD Governing Board.
Its purpose was to escalate the IT Grievance that could have prevented the 2013 breach to the attention of the MCCCD Governing Board.

Chancellor Glasper never responded to this Grievance.  By policy, Dr. Glasper had 10 days since initial filing (10/2012) to address the issues in the grievance.  Over a year has passed and no answer has been received by employees.

In addition to MCCCD policy violations, employee’s First Amendment Rights have been violated.   The right to petition government for redress of grievances is the right to make a complaint to, or seek the assistance of, one’s government, without fear of punishment or reprisals.  Several employees who filed this grievance have been forced to retire early or are now being terminated by MCCCD.

_______________________________________________________________
ITS Grievance redacted

Date: Wed, Apr 9, 2014 at 7:47 PM
Subject: Escalation of ITS Grievance to Governing Board Members
To: doyle.burke@domail.maricopa.edu, alfredo.gutierrez@domail.maricopa.edu, randolph.lumm@domail.maricopa.edu, debra.pearson@domail.maricopa.edu, dana.saar@domail.maricopa.edu

Members of the Board,

 
Per MAT policy, we are now escalating the attached employee grievance to you, the MCCCD Governing Board.
Read More

By

Maricopa Community College Governing Board “Disgusted” | Security Breach

Here are sections of the 3/25/2014 MCCCD Governing Board Meeting where the topic of the security breach came up.  Comments were made in public regarding the extension of the Wilson Elser contract and the way the administration is handling the current breach.

MCCCD Board Members discuss the security breach and Wilson Elser Contract

Members of the community talk about the security breach during the Citizens Interim portion of the Board Agenda.  Items discussed: impact to the community, costs, what it means to you, employee issues etc.

Community members shared their views on the MCCCD Security Breach. How does it affect you?