The hacking last month of the El Paso Independent School District’s intranet network caused security headaches, and it now has also become a financial burden for employees, students and their families who want to protect their identity.
The district has reached an agreement with a company to provide discounted identity-security memberships.
The hacking on Aug. 31 placed private information such as names, Social Security numbers, dates of birth and addresses of all current employees and students subject to identity theft.
Experian, a company specializing in credit monitoring, has reached an agreement with EPISD to offer protection at a reduced rate.
Employees and parents still will have to pay $77.76 or $119.76 annually—depending on whether the membership is for one person or a family of two or more.
Lucy Clarke, president of the El Paso Teachers Federation, said the cost is still too high for some. “There are some people that still can’t afford even that,” she said of the discounted fees.
District officials said that under Texas law, the EPISD cannot legally pay for the entire service. The law prohibits public funds to be used for gifts, credit, money or value, for any individual.
On the district’s website under the “Protect You Identity” link, a letter from Interim Superintendent Terri Jordan explains the discount.
She wrote, “In our continued efforts to provide support to you regarding the detection of possible misuse of your personal information, we have
been in contact with a credit monitoring service to expand the options available to you. We have researched other organizations that have had similar security breaches and found that the options located on this website best meet our needs.”
The offer ends Dec. 31.
Robert Almanzan, associate superintendent of human resources, said that the district has given employees and parents the Experian option but that it’s not the only option.
“Individuals should look at all options,” Almanzan said. “We’re not saying this is the cheapest offer there. There are quite a variety of options.”
He said some people have already contacted him with other similar protections for a lower price. As the district finds and receives alternatives, it will continue to update its website with other available options, Almanzan said. No one is required to buy identity protection.
“The desire to purchase this is very personal,” he said.
EPISD board president Isela Castanon-Williams said the district made the discount option available to employees and parents as quickly as possible. She said everyone took the situation seriously and was very concerned.
“We felt the options provided on the episd.org website were the best options available immediately to provide assistance to our employees and families,” she said. “At this point, I feel EPISD is doing what it can to assist our employees and families within its legal and financial limitations.”
Stephen Stiles, chief technology officer for EPISD, gave a presentation to the board at Tuesday night’s meeting. He updated what technology systems are in place and broader protection for EPISD’s network, servers and data.
“We are significantly stronger right now,” he said.
Stiles said he also wanted to update the board on the decision from the Texas Education Agency about the use of students’ Social Security numbers. After the hacking, Stiles asked the agency whether the district could do away with using Social Security numbers.
“They (TEA) very clearly said we have to ask the parent for a Social Security number,” he said, and added that only if a parent refuses can the district issue an alternative identification number.
The computer security breach is still under investigation by the district and the FBI’s InfraGard Division, an alliance between the FBI and the information technology industry and academic institutions to fight cyber crime, terrorism and other crimes. No further information has been released about the hackers or where the investigation stands.