A data breach in October affected nearly five times as many Montgomery County students as originally thought, according to district officials.
The data breach was originally believed to have compromised the personal information of 1,344 students at Wheaton High School, but updated information released last week says nearly 6,000 accounts from six schools were affected.
In two separate incidents in mid-September and early October, an MCPS student hacked into an online “college and career readiness program that supports MCPS students” as they develop plans for after high school, according to a statement posted online by the school district.
The student, who MCPS officials did not name because they are a minor, determined the user name and password for the program, Naviance. The student downloaded data including SAT scores, GPAs, personal information, student IDs, phone numbers and email addresses of 5,962 students.
The information did not include Social Security numbers, banking information or credit card information, according to the MCPS statement.
Student accounts at the following six schools were accessed, according to MCPS:
• Wheaton High School
• Montgomery Blair High School
• Julius West Middle School
• Argyle Middle School
• Parkland Middle School
• A. Mario Loiederman Middle School.
In response to the data attack, all Naviance users at the schools were directed to reset their passwords. Parents were also urged to request a credit freeze for children who were affected.
No criminal charges have been filed against the student hacker, but could be later, according to the MCPS statement.
MCPS spokesman Derek Turner could not be reached on Monday for additional information.
MCPS originally said the student told school officials and police they shared the data with other students, but in its updated statement, MCPS said police do “not believe that the student shared any accessed information with others.”
Caitlynn Peetz can be reached at email@example.com