District officials blamed the breach on a “phishing” attack in which unsuspecting employees clicked on fake links sent in emails that gave the thieves access to their online information.
The district reported the incident to the Georgia Bureau of Investigation, which called in the U.S. Secret Service to assist with the case.
The amount of money missing remains the same, but the concern is that many more employees’ information may have been exposed.
Superintendent Meria Carstarphen said the district cannot provide more information about the data breach because of the ongoing investigation.
The district will work with investigators and determine what additional security measures are needed.
The district will require all employees to change their passwords as an immediate first step.
Carstarphen described the situation as “unsettling” and acknowledged in an email to employees that many questions remain unanswered.
“While I wish that I had more answers, in the spirit of transparency, I wanted to get you this update as soon as possible and I promise to keep you posted as I learn more,” she wrote, in an email to employees.
Fulton County Schools reported that dozens of its employees were targeted in a similar scheme in late August, resulting in a loss of more than $75,000 -- of which $3,400 was recovered.
Cyberthieves tried but failed to reroute direct deposits for 28 Clayton County school district employees, officials said. The district learned of the unsuccessful attack Friday and officials said there was no indication that any money actually was redirected.