MCPS students’ data exposed in Wheaton breach

A recent data security incident involving Naviance in Wheaton high school caused all MCPS students to reset their log-in information. Naviance is an online program that enables students to prepare for college and careers. MCPS is resetting Naviance passwords for all MCPS students to ensure that student information stays safe, in an abundance of caution. Any MCPS student attempting to log into Naviance, whether at home or at school, will be prompted to change their password.

Through Naviance, an unnamed student improperly downloaded personal information and test scores of more than 1,000 students at Wheaton. The information included students’ names, contact information, ethnicity and gender. It also included students’ scores on SAT, ACT, PSAT and International Baccalaureate exams. Social Security numbers, banking and credit card information were not part of the breach, according to the school system.  The student allegedly involved told school officials and police that he shared the data with other students. Police confiscated the suspect’s technology devices.

A Montgomery County Public Schools statement says the data breach happened on Oct. 3 and impacted 1,344 Naviance accounts tied to Wheaton. District spokesman Derek Turner told The Washington Post that the student wrote a program or algorithm that tried various combinations of usernames and passwords to gain access. Officials say the student — who does not attend Wheaton High School — was tracked down Oct. 7 and awaits both school discipline and possible criminal charges.

Article by Dhruv Pai of Montgomery Blair High School

Photo courtesy of Avantika Selvarajan of Cabin John Middle School

 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.