Maricopa Security Breach

The rest of the story


2nd Class Action Lawsuit Filed | Billions more | MCCCD Breach

If one class action lawsuit for over $6 billion wasn’t enough, Hagen Berman Sobol Shapiro now joins G&K in filing a second class action lawsuit filed against Maricopa Community College District.

Number of clients represented: 2.5 million
Counts:  Negligence, Breach of contract
Damages: TBD x 2.5 million people (Billions)
Our sources indicate that other lawsuits are in the process of being filed.
At this rate, the number of lawyers, depositions, lawsuits, records requests, loss in enrollment and other factors are likely to overwhelm the MCCCD Administration and distract it from its mission.  The MCCCD Board seems complacent at this point.
A user in an online forum put it this way:

“Maricopa did far more than just have a breach. They had one in 2011 and failed to fix the problem, resulting in another breach in 2013 that they then took another 7 months to notify users about. The second breach affected 2.4 million users.

I am a class rep on this suit and have had my identity stolen as a result of this breach. My social security number will never be safe again and I will be dealing with the repercussions indefinitely. $2500 is chump change.

The lesson for all institutions is that how you handle a breach is incredibly important. By not dealing with it, covering it up and now trying to scapegoat it personnel, maricopa has hurt their credibility, angered people who would otherwise have been sympathetic and made the situation far worse”
Read More


Class Action Lawsuit Filed | Billions sought | Millions affected

It is now official, a $6.25+ Billion class action lawsuit have been filed against MCCCD.
Gallagher and Kennedy has filed a class action lawsuit against MCCCD for the 2011 and 2013 security incidents.



Number of clients represented: 2.5 million
Counts:  Negligence, Negligence on Anti-identification Procedures, Negligence on Notification of Breach of Security System, Breach of Fiduciary duty, Bailment, Breach of the Right of Privacy.
Damages: $2500 per client x 2.5 million people + other damages
This could be very damaging to the future of affordable education in Arizona.
This could have severe implications to jobs at MCCCD.


MCCCD – The Year of Living Dangerously | Under New Management

Here a new article on the history of the MCCCD security breach, the cost of the failure to respond and the current state of affairs.

Today, 4/29/2014, Earl Monsour is being deposed at the Gallagher and Kennedy Office in Phoenix, Az. A deposition that may last a couple of days if not longer. This is just the beginning, one of hundreds of individuals who will have to be deposed. Lawyers and more lawyers (9-10 today only) are involved at an hourly rate of approximately $300+/hr.  A bill MCCCD will end up paying with taxpayer dollars if they lose these cases in court.

MCCCD lawyers are working around the clock trying to hide the truth from the public hoping that a judge will support the complete lack of transparency of a publicly funded institution. A few days ago, the Governing Board approved a $3 tuition increase to generate millions of dollars of new revenue.  Students who already registered and paid for their Fall semester will receive a new bill and hopefully not be dropped from classes when MCCCD runs their dreaded ‘purge’.  New students will need to pay a bit more if they want to attend. All of this, while MCCCD sits on top of a large sum of cash totaling nearly $500 million (see The Bulging Cash Hoard at MCCCD).  It begs the questions, who is the MCCCD Governing Board serving? What is the mission of the institution? Why are you asking for more money when you have so much?  Are you trying to keep that infamous bond rating at the expense of the community?
Read More


MCCCD Security Breach – Timeline of Events

This post is always pinned to the top of this page given its significance to understand what took place.  See frequent updates after this post.

The following timeline outlines events that took place between January 2011 and Feb 2014 regarding the MCCCD security breach. These events ultimately led to the largest security breaches in the history of Maricopa Community College. This timeline will be updated regularly as new events develop. Stay tuned!

Here is a visual representation of the core events.

Maricopa Security Incident Chronology of Events

 Date                      Event                                                                                                          


Maricopa main webservers compromised.  

Maricopa security monitoring  system (OVIS) compromised.

None of the ERP Systems were compromised at this time.


Data from multiple schools  including MCCCD reported as being available for sale.  Vice-Chancellor of ITS notified.


Root cause for webserver compromise quickly identified by existing IT Staff and action items for remediation outlined.   Remediation efforts were later delayed for months.


Vice Chancellor of IT informed by Director Earl Monsour of security 

Read More


Grievance escalated to Board – MCCCD still at risk

The email below was recently sent to the MCCCD Governing Board.
Its purpose was to escalate the IT Grievance that could have prevented the 2013 breach to the attention of the MCCCD Governing Board.

Chancellor Glasper never responded to this Grievance.  By policy, Dr. Glasper had 10 days since initial filing (10/2012) to address the issues in the grievance.  Over a year has passed and no answer has been received by employees.

In addition to MCCCD policy violations, employee’s First Amendment Rights have been violated.   The right to petition government for redress of grievances is the right to make a complaint to, or seek the assistance of, one’s government, without fear of punishment or reprisals.  Several employees who filed this grievance have been forced to retire early or are now being terminated by MCCCD.

ITS Grievance redacted

Date: Wed, Apr 9, 2014 at 7:47 PM
Subject: Escalation of ITS Grievance to Governing Board Members

Members of the Board,

Per MAT policy, we are now escalating the attached employee grievance to you, the MCCCD Governing Board.
Read More


Kroll finds that employee did nothing wrong | MCCCD blames employee

Here is a recording from an interview where Mr. Corzo, the person who tried to warn the District before the 2013 incident happened, is being told that ‘he did nothing wrong’. MCCCD is still proceeding with efforts to blame Mr. Corzo for the 2013 incident. The MCCCD Administration refuses to take responsibility.

This interview took place in Nov 2013. In attendance were James Bowers, Interim VC of HR, Kroll lead investigator (speaking on recording), Kerry Mitchell, ex-MAT President and Mr. Corzo’s representative.

A few points to read before you play the tape:

1. The 1098-T database they mention in the tape and are trying to pin on Mr. Corzo WAS NOT one of the databases he managed at the time. This database was managed by another IT Director (who recently resigned) and the Marketing Department. Neither Mr. Corzo nor his staff had access to that database or the computer it resided on.

2. Mr. Corzo nominated someone from his team as requested by Mr. Monsour to be part of the investigation team in 2011. That person did what she was asked to do and communicated with Mr. Corzo several times a day. None of the ERP databases Mr. Corzo managed at the time (SIS, HR, CFS) were compromised.
Read More


Board minutes reveal that MCCCD may still be at risk

Information contained in public MCCCD Board minutes speak of how huge the security problem at MCCCD is. MCCCD has publicly disclosed their vulnerabilities and the monumental effort require to fix the problem that was reported in April 2013. It makes you wonder if MCCCD web servers should be even operational given the information disclosed below.

MCCCD Board Minutes from Nov 12, 2013 reveal extend of compromise

Here is a segment from the Nov 2013 Board Minutes where MCCCD acknowledges the scope of the problem and what’s left to be done.


This is a follow-up item to move to a One Maricopa enhancement
effort. It’s a three-phase system. Once Eagle Creek has assessed the
existing web infrastructure, 1) they will help with web maintenance
(there are over 10,000 pages), 2) they will look at the web
infrastructure and fix pages that are not working, and 3) they will
rebuild the entire web system into a secure and well run single entity
(currently there are 50-60 systems currently running). It will take 
approximately 18-24 months to fix. 

o Will Maricopa contract out maintenance or can it be
supported in-house upon completion? (IT will create a web
Read More


Comments made to the board are inappropriate | Unethical behavior at MCCCD

Taxpayers may have to foot a bigger bill to cover legal expenses related to the Maricopa Community Colleges data security breach.

“I think it’s kind of unethical to leave a firm to take your biggest client with you and plant yourself to say you’re a local law firm,” Lumm told ABC15.

It appears that the MCCCD Administration is partnering with their out of state lawyers from Wilson Elser to deceive the MCCCD Governing Board.  ABC 15 tells the story.

See the latest video by ABC 15 on this ongoing mess with MCCCD.


Hearing Rigged – Response from Mr. Galvan

In April 3rd, 2014, a few days after Miguel Corzo and Galvan (Corzo’s lawyer) left a hearing that had apparently been rigged to benefit the District Administration, conceal evidence from ever being made public and keep witnesses, including Rufus Glasper, from testifying, Mr. Galvan sent this letter to MCCCD.

From: Richard Galvan <>
Date: Tue, Apr 8, 2014 at 4:58 PM
Subject: MCCCD Hearing
To: Lee Combs <>, James Tucker <>

Response to your email dated April 1, 2014


It is Mr. Corzo’s position that these proceedings are fatally flawed and, consequently he refused to participate in the March 31st hearing.  The bases and reasoning for his position include:

1.  The District’s unlawful refusal to provide Mr. Corzo with the public records he requested nearly 3 months ago pursuant to the Arizona Public Records Law.

2.  In violating the law, the District not only failed to produce the documents, but it failed to provide Mr. Corzo, in accordance with the Arizona Public Records Law, with an index of all the public records subject to his requests along with the individualized reason why the District denied production of each paticular document.
Read More


MCCCD Employee Hearing Rigged! – Maricopa Security Breach

The Monday hearing (3/31) to decide the future of one remaining MCCCD employee who is fighting the MCCCD administration over the security breach in 2013 was little more than a kangaroo court according to witnesses. While the District has reportedly either worked out deals or forced resignation from several employees, the whistleblower in the case; Miguel Corzo, was denied a chance to even defend himself in the Monday hearing.