What happened?

On May 31, a Cuesta College Human Resources analyst on medical leave allegedly downloaded reports with personal Cuesta College employee information and emailed the reports to a personal email address. On June 9, the Cuesta College Human Resources Department discovered the unauthorized download and reported it to the Cuesta College Police Department, which immediately began an investigation with the assistance of the San Luis Obispo County District Attorney’s Office. On June 11, Cuesta College alerted all current employees to the information breach via email and mailed letters to the home addresses of all current and former employees affected. The information downloaded included names, social security numbers, date of birth, mailing addresses, phone numbers and email addresses.

How could Cuesta College let this happen?

This unauthorized access is a crime and is being taken very seriously. While specifics cannot be provided because the investigation is ongoing, the college is working closely with the appropriate authorities heading the investigation.

Do you think you will find anything else?

Cuesta College is cooperating with investigators throughout the investigation. All available updates will be provided to the public and employees affected. 

How can I be assured the college is taking steps to protect my information in the future?

The college is reviewing current policies for individuals out on all forms of leave, as well as those who have remote/off-site database access. It is important to note that this was not a hacking or security/firewall breach, but an unauthorized use of information by a college employee.

How many individuals are affected?

Approximately 4,000 current and previous employees are affected.

What does it mean if my information was compromised? What are the risks?

The risk is the possibility of the information being shared with and/or accessed by outside individuals as well as being used for personal gain.

What is the District doing to provide fraud protection for all individuals affected?

The Cuesta College Board of Trustees voted to enter into a one-year contract with LifeLock, a leading provider of proactive identity theft protection services. The contract will go into effect July 2, 2015, and notifications with enrollment instructions will be emailed and mailed to all individuals affected who will have the option to enroll within sixty days. Employees are encouraged to contact the Cuesta College Human Resources Department at (805) 546-3129 should they have additional questions.

Lauren Milbourne / (805) 546-3108 / Lauren_milbourne@cuesta.edu / Posted: 6/25/15