Cyber Incident Victim: Granite School District

The Granite School District experienced a cybersecurity incident involving unauthorized access to employee data, prompting an investigation with a forensic security firm. By October 1, 2024, the district confirmed threat actors were removed from its systems. Initial assessments suggested a limited breach, but subsequent data mining revealed all current employees’ payroll information—including bank account details—had been stolen. The compromised data did not extend to dependents, spouses, or family members covered under district insurance plans. Employees were notified via email and instructed to change bank accounts and submit updated direct deposit forms in person or via interdepartmental mail, with delays expected for payroll processing during the transition. The district mandated direct deposit, disallowing paper checks as an alternative.

Impacted employees were advised to contact financial institutions for personalized guidance and to place fraud alerts or obtain credit reports. The district acknowledged the breach’s operational disruption, offering contract employees up to one paid day off before December 20, 2024, to address personal security needs, subject to supervisor approval. Hourly employees received scheduling flexibility for similar purposes. Granite School District arranged free credit monitoring and identity theft protection through its insurance provider, though the coverage duration remained undetermined at the time of the FAQ publication. Investigations continued to determine the breach’s temporal scope, with pre-October 1 banking data considered vulnerable while post-cutoff updates were deemed secure. The district reevaluated internal network security measures, including VPN usage, but confirmed existing external-access VPN protocols remained unchanged during this review.