Notice of Data Security Incident
Notice of Data Security Incident
This notice is to inform faculty, staff, and current and former students of a potential data security incident that involved the inadvertent sale of San Benito CISD computer devices to an electronics recycler, which may have contained historical data of the District.
We recently learned that a local electronics recycler, RDA Technologies, purchased devices from the District that may have unintentionally contained data collected in the normal course of our operations. When we learned of this, we reached out to RDA Technologies in an effort to re-acquire the devices and determine what information, if any, is contained on the devices. To date, RDA Technologies has not agreed to our proposed solution; however, we are continuing our efforts to reach a reasonable resolution with RDA Technologies so that we may review any data on the devices.
In the meantime, we are posting this notice to inform the public about the incident and provide recommendations on preventative measures our community may consider taking.
Based upon the representations made by RDA Technologies regarding the information alleged to be contained on the devices purchased by the company, no Social Security numbers or other sensitive personal information was included.
However, if you believe you are affected, we encourage our community to remain vigilant by reviewing your financial account statements, health insurer statements, and credit report for any unauthorized activity. If you see any unauthorized activity, please contact the financial institution, health insurer, or credit bureau to report the activity. In addition, please see the additional steps included below that you may consider taking.
We sincerely apologize for any concern this incident may have caused. To help prevent something like this from happening again, we are reviewing our procedures relating to device disposal and will re-enforce education with our staff on these procedures.
ADDITIONAL STEPS YOU CAN TAKE
We remind you it is always advisable to be vigilant for incidents of fraud or identity theft by reviewing your account statements and free credit reports for any unauthorized activity. You may obtain a copy of your credit report, free of charge, once every 12 months from each of the three nationwide credit reporting companies. To order your annual free credit report, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting companies is as follows:
- Equifax, PO Box 740241, Atlanta, GA 30374, equifax.com, 1-800-685-1111
- Experian, PO Box 2002, Allen, TX 75013, experian.com, 1-888-397-3742
- TransUnion, PO Box 2000, Chester, PA 19016, transunion.com, 1-800-916-8800
It is also advisable to review the billing statements you receive from your health insurer or healthcare provider. If you see charges for services you did not receive, please contact the insurer or provider immediately.
If you believe you are the victim of identity theft or have reason to believe your personal information has been misused, you should immediately contact the Federal Trade Commission and/or the Attorney General’s office in your state. You can obtain information from these sources about steps an individual can take to avoid identity theft as well as information about fraud alerts and security freezes. You should also contact your local law enforcement authorities and file a police report. Obtain a copy of the police report in case you are asked to provide copies to creditors to correct your records. Contact information for the Federal Trade Commission is as follows:
- Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue NW, Washington, DC 20580, 1-877-IDTHEFT (438-4338), ftc.gov/idtheft
Fraud Alerts and Credit or Security Freezes:
Fraud Alerts: There are two types of general fraud alerts you can place on your credit report to put your creditors on notice that you may be a victim of fraud—an initial alert and an extended alert. You may ask that an initial fraud alert be placed on your credit report if you suspect you have been, or are about to be, a victim of identity theft. An initial fraud alert stays on your credit report for one year. You may have an extended alert placed on your credit report if you have already been a victim of identity theft with the appropriate documentary proof. An extended fraud alert stays on your credit report for seven years.
To place a fraud alert on your credit reports, contact one of the nationwide credit bureaus. A fraud alert is free. The credit bureau you contact must tell the other two, and all three will place an alert on their versions of your report.
For those in the military who want to protect their credit while deployed, an Active Duty Military Fraud Alert lasts for one year and can be renewed for the length of your deployment. The credit bureaus will also take you off their marketing lists for pre-screened credit card offers for two years, unless you ask them not to.
Credit or Security Freezes: You have the right to put a credit freeze, also known as a security freeze, on your credit file, free of charge, which makes it more difficult for identity thieves to open new accounts in your name. That’s because most creditors need to see your credit report before they approve a new account. If they can’t see your report, they may not extend the credit.
How do I place a freeze on my credit reports? There is no fee to place or lift a security freeze. Unlike a fraud alert, you must separately place a security freeze on your credit file at each credit reporting company. For information and instructions to place a security freeze, contact each of the credit reporting agencies at the addresses below:
- Experian Security Freeze, PO Box 9554, Allen, TX 75013, experian.com
- TransUnion Security Freeze, PO Box 2000, Chester, PA 19016, transunion.com
- Equifax Security Freeze, PO Box 105788, Atlanta, GA 30348, equifax.com
You'll need to supply your name, address, date of birth, Social Security number and other personal information.
After receiving your freeze request, each credit bureau will provide you with a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.
How do I lift a freeze? A freeze remains in place until you ask the credit bureau to temporarily lift it or remove it altogether. If the request is made online or by phone, a credit bureau must lift a freeze within one hour. If the request is made by mail, then the bureau must lift the freeze no later than three business days after getting your request.
If you opt for a temporary lift because you are applying for credit or a job, and you can find out which credit bureau the business will contact for your file, you can save some time by lifting the freeze only at that particular credit bureau. Otherwise, you need to make the request with all three credit bureaus.