
Cyber Incident Victim: Bear Creek High

Date: Feb 2020

Location: United States of America

Summary

A data breach at two schools within the Lodi School District involved unauthorized access to electronic grade books belonging to three staff members, compromising student names, addresses, parent contact details, grades, attendance records, and medical information. The incident exposed FERPA-protected educational records alongside health-related data, though officials reported no evidence of misuse following their investigation.


Description

On February 15, 2020, the Lodi School District reported a data breach affecting Bear Creek High School and Ronald E. McNair High School. Unauthorized individuals accessed electronic grade books belonging to three staff members, compromising student records containing personally identifiable information. The exposed data included student names, physical addresses, parent contact details, academic grades, attendance records, and medical information. District officials confirmed the incident did not involve ransomware but provided no specifics about the intrusion method or timeline of unauthorized access. No evidence indicated misuse of the stolen data at the time of reporting. The breach implicated information protected under the Family Educational Rights and Privacy Act (FERPA), though the district did not disclose whether HIPAA-related violations occurred despite medical data exposure.


The school district initiated an investigation but released no technical details regarding attack vectors, threat actor attribution, or system vulnerabilities exploited. Officials did not describe detection methods, containment procedures, or remediation steps taken following the breach. Public reporting remained limited to a single CBS news segment referenced in media coverage, with no follow-up announcements on district or school websites. The scope appeared confined to three staff accounts across two schools, though the total number of affected students was undisclosed. Legal and regulatory implications concerning FERPA-protected educational records and medical data were acknowledged in media analysis but not addressed in official statements. No credit monitoring or identity protection services were mentioned as offered to impacted individuals.
