Cyber Incident Victim: Rockdale ISD

On January 30, 2018, Rockdale Independent School District experienced a data breach compromising confidential tax information for all district employees. The incident originated from a phishing email scheme targeting an employee with access to employee W-2 records. An attacker impersonated Rockdale ISD Superintendent Dr. Denise Monzingo in a fraudulent email communication, successfully deceiving the employee into forwarding the entire district's W-2 tax documents. This unauthorized disclosure exposed sensitive personal and financial data including Social Security numbers, income details, and withholding information for every district employee. The breach remained undetected until subsequent fraudulent tax filings involving multiple employees alerted the district to the compromise on the following Monday, though officials could not specify the exact number of employees directly affected by false filings at the time of disclosure.

Rockdale ISD administrators contacted Rockdale Police Department immediately upon discovering the fraudulent filings, initiating a multi-agency investigation that expanded to include the Federal Bureau of Investigation and Internal Revenue Service. District leadership confirmed the breach impacted all employees systemwide due to the comprehensive nature of the compromised W-2 records. In response, the district announced plans to engage cybersecurity firms to strengthen institutional safeguards against future attacks. Concurrently, Rockdale ISD committed to enhancing employee training programs focused on phishing identification and email verification protocols to reduce susceptibility to similar social engineering tactics. The district did not publicly disclose whether stolen data appeared on dark web markets or whether affected employees received credit monitoring services following the breach.