PHOENIX -- Officials say private information of students, workers and suppliers at the Maricopa County Community College District was exposed because of security vulnerabilities in the district's computer systems.
The district announced Wednesday that names, dates of birth, Social Security numbers and bank account information was exposed. It is notifying nearly 2.5 million students, suppliers and employees of the issue and will provide credit monitoring and other services.
Chancellor Rufus Glasper said there's no sign any personal information has actually been misused.
"On behalf of the district, I deeply regret that this occurred and am leading a thorough response designed to prevent this from happening again," Glasper said in a district news release. "We are examining every aspect of our IT operations, and the changes underway are making us stronger system-wide."
The district has 10 community colleges, and 265,000 students attend classes each year. It isn't clear how it tallied the 2.5 million figure.
The release said a federal law enforcement agency told officials about vulnerabilities in April.
Glasper ordered action on several fronts including:
Initiating immediate actions to strengthen security and take offline portions of its IT systems with security vulnerabilities until improvements could be completed;
Installing new security technology, including firewalls, real-time blocking and monitoring functionality, and other security protections;
Conducting a comprehensive review by independent experts of all IT security policies and procedures and implementing increased security measures;
Taking employment action in connection with employees whose conduct did not meet standards and expectations, and making personnel changes as warranted.