Saturday, January 22, 2011

Public Threads of What Happened to the District's Student System? Can the School District Explain?

Update: The district has finally posted information at the school district's website on this matter. Click HERE to read their press release.

In case there were still doubts about what happened to the district's student information central, Genesis, last night while following threads of what looked like an user's name I ended up at what seems to be the start of a public thread of what went on, if in fact this is what happened.

I am still amazed that there are public threads of what seems to have happened. Perhaps a proper title for this post should had been "The Moral Dilemmas of Hacking".

Yesterday I sent an e-mail to both district and school board leadership, this was with the hopes that they would advise us parents of what information was compromised, after all, Genesis has ALL academic information PLUS personal information of each and all students. This means grades, attendance, conduct, address, phone, student ID #, not sure Social Security but this is also a possibility. A "Thanks" from the interim superintendent was the response to my e-mail.

In addition to the above information, there are those of us parents who pay for lunch over the internet and while the system is different, I am not sure if the information, such as credit card or bank accounts, is shared with Genesis.

To top it all, when parents ask for access to Genesis for the fist time, parents need to provide the school with a photo ID, this for many of us is our driving license. The school makes a copy of the ID and keeps it. Is this information entered into Genesis?

Not exactly a pretty picture when you think that some unauthorized user(s) had access to all of this information.

And not a pretty picture that the school district leadership is mute about this whole thing.

I thought for a while, long while, if perhaps I was overreacting to the situation. I wanted to play it safe and I wanted to feel our personal information was actually safe. But playing it safe and feeling our information is safe are two totally different things. So, I started searching on the internet for clues. What I found, if it is what happened, only reinforced the fact that the district must confront this issue and break their code (ooops! no pun intended) of silence.

Following is where the thread starts by an anonymous poster at this past Tuesday at 7:41 PM:


(It then gives the user's name, the password, the link to Plainfield's Genesis and a note)

have fun:)

What goes on next is incredulity by some of what appears different users of From "holy --- I logged in and it worked...." to sharing how lunch prices, classes, grades, assignments, etc. could, and were, changed.

There are also commentaries about our city that truly speak of how much work there needs to be done to change the image of Plainfield. Not a pretty picture if you are fond of Plainfield.

One is left wondering: Was this kid's play? Or was this the work of an adult who wanted to embarrass the district?

Either way, parents need to know what personal information was compromised, what has the district done about this and what will the district do so this doesn't happen again.

I sure am waiting for an explanation from the district, wouldn't you?

*grammatical corrections done after posting.

1 comment:

Anonymous said...

You need to ask:
1. When did the district learn about the breach?

2. Make them show you how it was reported and to whom.

3. When did the Board, superintendent and Public Information Officer learn about it?

4. Are there e-mails or communications that were sent? Ask for them.

5. What did they do with the information?

The truth will show that they knew about this some time ago and tried to COVER IT UP!!!!

In a meeting it was discussed that personal information (SS#, DOB, etc.) were open to thousands who may have gone into the system.

Grades have been changed and other information has been tampered with.


Lets hope that the little guys in IT dont take the fall.