hack laptop

Student Hacker Was Able To Breach Thousands of Student Accounts in Maryland District

Originally, the Montgomery County district thought the cyber attack was limited to one high school. But the hacker was able to obtain access to the accounts of over 5,000 students across six schools.

  • By Haley Samsel
  • December 17, 2019

When a student hacker in a Washington, D.C. suburb was able to gain access to the personal data of fellow students in October, the district originally thought that the attack only extended to 1,344 students at one high school.

But it turns out that the student had access to the data of at least 5,962 user accounts from six schools, the Montgomery County Public School district announced on Nov. 25.

The district and the local police department have identified the hacker, who faces possible criminal charges. A forensic analysis of the student’s devices show that the hacker was able to execute a series of attacks in September gave the student data at other schools, which included four middle schools and one more high school. Only Wheaton High School was named in the original announcement of the cyber attack.

Police said that the data does not include any Social Security or financial information, and it does not appear that the suspect shared any of the data with third parties. The data sets did include student GPAs, standardized test scores, addresses, phone numbers and more.

Although the district was not aware of the September breaches until early November, the October attack was quickly picked up by Naviance. The platform automatically reset the passwords of the users whose data was hacked and blocked the IP address of the hacker from accessing the server.

Parents have been advised to request a free credit freeze from their credit bureau, making it difficult for a malicious actor to use the student’s information to open new accounts. In addition, parents can check their children’s credit reports for fraudulent accounts.

“MCPS is committed to safeguarding the privacy and security of our students, families, and staff and MCPS sincerely regrets that this incident has occurred,” the district said in its November memo. “MCPS takes this event very seriously and has implemented improvements to prevent such unauthorized access from happening again.”

Montgomery County is the same district where parents successfully pushed the district to agree to delete data collected on students at least once a year. The advocacy efforts were in motion before the recent data breach.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Door Hardware and Campus Security: Enhancing Safety in Schools

    The importance of investing in school safety cannot be overstated, but knowing where to start implementation of school safety features can be a challenge. A recent survey by the National Center on Education Statistics found that a quarter of U.S. public schools have classrooms with doors that can't be locked from the inside. Even among schools with doors that do lock, recent legislation reflects a common misconception that simply keeping the doors locked all day will eliminate the potential for an attack, in direct violation of PASS (Partner Alliance for Safer Schools) Guidelines. Read Now

  • Brigham Young University Strengthens Campus Security With Genetec Operations Center

    Genetec Inc, a provider of enterprise physical security software, announced that Brigham Young University's (BYU) has optimized its security operations with the Genetec™ Operations Center work management system. Read Now

  • AI-based Risk Mitigation: The Next Advancement in Video Surveillance and Public Safety

    Safety is at the forefront of every organization and covers a gamut of scenarios, not just weapon-fueled lethal threats. It also includes smaller-scale and everyday situations like slipping hazards, fallen persons, unauthorized vehicles, and more. These issues cause disruptions in daily operations and cost companies and facilities money and downtime, so a fully realized security plan must involve actions that facility personnel should take once a hazard of any size occurs. Informing everyone that a hazard exists, where it’s located, and what actions to take is imperative for maintaining personal safety. Read Now

  • Fort Worth ISD Strengthens Event Safety

    The issue of concealed weapons being introduced into school extracurricular activities, including sporting events and graduations, became a growing concern in communities across the nation. According to the K-12 School Shooting Database, there were at least 202 incidents of gunfire on school grounds in 2024 across the United States, resulting in 56 deaths and 147 injuries, underscoring the urgent need for enhanced safety protocols. Read Now

Most   Popular