Last week, we broke a story about the potential misuse or possible continued use of an email account of an ex-elected Highline School Board Member, Aaron Garcia Virgen, who left office in December of 2023 after his term ended.

We reached out to the Highline School District for comment on the email activity we noticed on our end through our subscribers analytics pages and shared our concerns with them. Since publishing the first story, we have received two communications with explanations as to the possible "activity" we were observing:

Tove Tupper, Communications Director for Highline: Oct. 24th-
"The Microsoft account associated with former board member Aaron Garcia was disabled in January 2024 and has remained inactive since that time.

No one has access to the account, and it cannot be used to send or open emails. It remains stored—but not active—solely to comply with public records retention requirements.

The Digital Transformation Department confirmed there has been no sign-in activity or misuse of the account. The “opens” and “link clicks” you referenced may have been generated by Microsoft’s automated security scans, not by a user. The account remains disabled and secure. Thanks."

In response, we shared some screen shots of the continued activity we were seeing each time we sent out a newsletter, and our concerns that it may still be active, as this email account behaved differently than one of other ex-board members emails, like Director Azeb Hagos emails did.

Screen shots shared with the district for clarification.

To make sure this was consistent, we looked at another ex-elected official subscriber of Azeb Hagos, and here is how her emails come back as "received" but repeated "bounced email".

Screen shots shared with the district for clarification.

Tove Tupper responded with additional insight on why that may be: Oct 28th-
"Mr. Garcia’s account was disabled in January 2024 through an automative process. This took place several months before the cybersecurity incident that occurred in fall 2024. Following that incident, Highline's technology team implemented additional security measures for all active staff email accounts.When Ms. Hagos left the board in January 2025, her account was disabled under these updated security protocols, outside of our automative process. The reason you are seeing two different scenarios is because the two accounts were disabled using different protocols, in very different environments. Both email accounts for Ms. Hagos and Mr. Garcia remain disabled and inaccessible to any user. An individual cannot send or open messages within those accounts. The timestamps you referenced showing “opens” and “clicks” occur at the exact same moment, which would be consistent with Microsoft’s automated security scanning not user activity. Both accounts remain secure and preserved only to comply with public records retention requirements. 

Our FOIA Records Request is also still listed as "Active" and has not been closed if there were no records to be found from the dates listed after Garcia's exit, but we won't know for sure until Dec. 18th if there are any records they found and will supply at that time. According to Ms. Tupper, there shouldn't be any.

We thank the district for their patience and their communication of what appeared to be a possible user, and we have taken corrective action to retract the story.

Share this article
The link has been copied!