hack laptop

Student Hacker Was Able To Breach Thousands of Student Accounts in Maryland District

Originally, the Montgomery County district thought the cyber attack was limited to one high school. But the hacker was able to obtain access to the accounts of over 5,000 students across six schools.

When a student hacker in a Washington, D.C. suburb was able to gain access to the personal data of fellow students in October, the district originally thought that the attack only extended to 1,344 students at one high school.

But it turns out that the student had access to the data of at least 5,962 user accounts from six schools, the Montgomery County Public School district announced on Nov. 25.

The district and the local police department have identified the hacker, who faces possible criminal charges. A forensic analysis of the student’s devices show that the hacker was able to execute a series of attacks in September gave the student data at other schools, which included four middle schools and one more high school. Only Wheaton High School was named in the original announcement of the cyber attack.

Police said that the data does not include any Social Security or financial information, and it does not appear that the suspect shared any of the data with third parties. The data sets did include student GPAs, standardized test scores, addresses, phone numbers and more.

Although the district was not aware of the September breaches until early November, the October attack was quickly picked up by Naviance. The platform automatically reset the passwords of the users whose data was hacked and blocked the IP address of the hacker from accessing the server.

Parents have been advised to request a free credit freeze from their credit bureau, making it difficult for a malicious actor to use the student’s information to open new accounts. In addition, parents can check their children’s credit reports for fraudulent accounts.

“MCPS is committed to safeguarding the privacy and security of our students, families, and staff and MCPS sincerely regrets that this incident has occurred,” the district said in its November memo. “MCPS takes this event very seriously and has implemented improvements to prevent such unauthorized access from happening again.”

Montgomery County is the same district where parents successfully pushed the district to agree to delete data collected on students at least once a year. The advocacy efforts were in motion before the recent data breach.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • A.C. Camargo Cancer Center Enhances Security, Patient Care with Help from Advanced Video Surveillance

    A.C. Camargo Cancer Center, a leading oncology treatment center in São Paulo, Brazil recognized for its history of innovation, today announced that its partnership with Axis Communications has produced savings of more than $2 million over its first two years, all of which will be reinvested in patient care. A.C. Camargo has deployed more than 2,000 state-of-the-art video surveillance cameras throughout the Center’s corridors, complex care units, and parking lots, embracing a more holistic approach to security that emphasizes patient and employee safety along with improved quality of service. Read Now

  • 2025 Secure Campus Award Winners Announced

    Campus Security Today is pleased to announce the 2025 Secure Campus Award winners. Twenty companies are being recognized this year for products that help keep education and business campuses safe. Read Now

  • K-12 School Safety Trends Report Shows Training, Technology Are Saving Lives

    CENTEGIX, the industry leader and most widely adopted wearable safety technology provider for K-12 education, today released its 2025 School Safety Trends Report, the only comprehensive and data-rich analysis of school safety available in the wearable panic button market. The report identifies and outlines the top tech and legislative movements relevant to school safety in the U.S. and draws on data collected in the 2024/2025 school year through the CENTEGIX Safety Platform, including more than 265,000 incidents of CrisisAlert use. Read Now

  • Survey: Fewer Than 20 Percent of School Leaders Consider Their Main Entrance “Completely Secure”

    Singlewire Software, provider of solutions that help keep people safe and informed, releases the findings of its inaugural School Entrance Security Report, which captured responses from more than 500 school staff members across the United States. This research highlights the concerns and challenges schools are facing in securing their entrances and keeping students and staff safe from potential threats Read Now