Notice of Data Security Incident
Little Rock School District (“LRSD”) experienced a data security incident that may have impacted the personal information of some of our current and former employees, students, contractors and/or vendors that worked with LRSD. We previously provided some information regarding this incident but want to update you now that our investigation into what occurred is complete. We respect the privacy and security of all information within our control and sincerely apologize for any concern this may cause our community.

What Happened?
In November 2022, LRSD identified suspicious activity that impacted its ability to access some of its systems. LRSD immediately implemented its incident response protocols and hired an independent computer forensics firm to help us investigate the nature and scope of the incident.  The investigation determined that some information stored on LRSD systems may have been accessed by unauthorized third parties. That information was reviewed to identify any personally identifiable information that may have been impacted. This recently completed review found that the impacted information may have contained individuals’ names, addresses, Social Security numbers, financial account information, state and government ID numbers, and limited medical information.

We have notified law enforcement and the Arkansas Attorney General about this incident and will continue to cooperate with any subsequent investigations of theirs into this incident.

We have taken steps to enhance the security of our systems, including changing all LRSD passwords and implementing multi-factor authentication for remote access. While we are aware that information was taken from our systems by unauthorized third parties, we do not have any evidence that such information was actually viewed, used, or misused. All such information was returned, and we have obtained assurances that no use was made of the information. We have no evidence that personal information in this incident has been misused in any way. However, out of an abundance of caution, we are providing credit monitoring and identity protection services from Cyberscout at no cost.

Impacted individuals should remain vigilant for incidents of identity theft or fraud by reviewing bank accounts and other financial statements, as well as credit reports, for suspicious activity. Incidents of suspected identity theft should be reported to law enforcement or the attorney general. We also encourage individuals to contact Cyberscout with any questions and to take full advantage of the Cyberscout service offering.

For more information
For questions or concerns, please call 1-833-570-2993 Monday through Friday from 8:00 am – 8:00 pm Eastern Time. Your trust is our top priority, and we deeply regret any inconvenience or concern this matter may cause.

Public Notice
LRSD Network Issue

The Little Rock School District (LRSD) recently detected unauthorized activity on its network. Upon discovery, we immediately activated our incident response protocols and hired independent computer forensic experts to help us determine the nature and scope of the activity. We have also taken steps to notify law enforcement and will cooperate with any subsequent investigations into this incident.

The forensic analysis is still ongoing; however, the analysis has determined that some data may have been taken from our network. At this time, we do not know exactly what data may be at issue, but we are working as quickly as possible to be able to ascertain that information. Should we find any evidence student or employee data was impacted, we will notify all appropriate parties.

LRSD has implemented additional monitoring and threat detection software to supplement the security measures already in place and has taken steps to further secure its network. We are committed to completing a detailed review of our internal systems and will take everything we learned from the incident to strengthen our network for the future.

The forensic analysis and investigation into this unauthorized activity are still ongoing. We will share more information with our stakeholders and our community as we are able to do so. 

Network Security Incident Update 12.15.22