Cyber Incident Victim: Clark County School District
Date: Oct 2023
Location: United States of America
Summary
Clark County School District experienced a cybersecurity incident involving unauthorized access to personal information of certain students, parents, and employees through its email environment. The district engaged forensic experts and law enforcement, initiated remediation efforts, and began identifying affected individuals for notification via mail, while requiring all students to reset passwords; no identity theft incidents had been reported at the time of disclosure.
Description
On approximately October 5, 2023, the Clark County School District (CCSD) in Las Vegas, Nevada, discovered a cybersecurity incident affecting its email environment. The unauthorized access occurred 11 days prior to the discovery date, placing the breach around September 24, 2023. CCSD immediately engaged forensic experts to investigate the incident and remediate the email system, while also coordinating with law enforcement agencies. The investigation confirmed that an unauthorized third party accessed limited personal information belonging to a subset of students, parents, and employees. District officials publicly disclosed the incident on October 5 through direct notifications to families and a public statement, though the full scope of impacted individuals remained undetermined at the time of disclosure. CCSD initiated a multi-week assessment process to identify all affected parties, emphasizing that no reports of identity theft related to the breach had been received.

The district confirmed the compromised data included personally identifiable information but did not specify exact data types or the number of affected individuals. CCSD established a dedicated assistance line (888-566-5512), staffed during business hours Pacific Time, for inquiries and mandated password resets for all student accounts as a precautionary measure. Notification letters outlining protection steps were scheduled to be sent via first-class mail to verified impacted individuals once identified. The district referenced Nevada state resources for identity theft concerns while maintaining that its forensic investigation and system remediation efforts were ongoing. No further details regarding attacker methodology, duration of access, or specific email systems involved were disclosed in the initial announcement.
