In case there were still doubts about what happened to the district's student information central, Genesis, last night while following threads of what looked like an user's name I ended up at what seems to be the start of a public thread of what went on, if in fact this is what happened.
I am still amazed that there are public threads of what seems to have happened. Perhaps a proper title for this post should had been "The Moral Dilemmas of Hacking".
Yesterday I sent an e-mail to both district and school board leadership, this was with the hopes that they would advise us parents of what information was compromised, after all, Genesis has ALL academic information PLUS personal information of each and all students. This means grades, attendance, conduct, address, phone, student ID #, not sure Social Security but this is also a possibility. A "Thanks" from the interim superintendent was the response to my e-mail.
In addition to the above information, there are those of us parents who pay for lunch over the internet and while the system is different, I am not sure if the information, such as credit card or bank accounts, is shared with Genesis.
To top it all, when parents ask for access to Genesis for the fist time, parents need to provide the school with a photo ID, this for many of us is our driving license. The school makes a copy of the ID and keeps it. Is this information entered into Genesis?
Not exactly a pretty picture when you think that some unauthorized user(s) had access to all of this information.
And not a pretty picture that the school district leadership is mute about this whole thing.
I thought for a while, long while, if perhaps I was overreacting to the situation. I wanted to play it safe and I wanted to feel our personal information was actually safe. But playing it safe and feeling our information is safe are two totally different things. So, I started searching on the internet for clues. What I found, if it is what happened, only reinforced the fact that the district must confront this issue and break their code (ooops! no pun intended) of silence.
Following is where the thread starts by an anonymous poster at green-oval.net. this past Tuesday at 7:41 PM:
SCHOOL DISTRICT WEBSITE ADMIN PASSWORD
(It then gives the user's name, the password, the link to Plainfield's Genesis and a note)
What goes on next is incredulity by some of what appears different users of green-oval.net. From "holy --- I logged in and it worked...." to sharing how lunch prices, classes, grades, assignments, etc. could, and were, changed.
There are also commentaries about our city that truly speak of how much work there needs to be done to change the image of Plainfield. Not a pretty picture if you are fond of Plainfield.
One is left wondering: Was this kid's play? Or was this the work of an adult who wanted to embarrass the district?
Either way, parents need to know what personal information was compromised, what has the district done about this and what will the district do so this doesn't happen again.
I sure am waiting for an explanation from the district, wouldn't you?
*grammatical corrections done after posting.