A 15-year-old student at Shenendehowa Central School (NY) has been charged with three felonies after he accessed a database containing the personal information of 250 past and present transportation employees’ personal information including their Social Security numbers.
The hacker (obviously a bright kid) sent an e-mail reading “Look what I have” and signed “A Student” to the school principal, and was identified within a couple hours. (Well, maybe not that bright.)
The school had been migrating information to a new server, with the help of an outside vendor. A configuration error left the data available for one or two weeks to anyone with a school district password. The sophomore student accessed the database using his student password while working in a school computer lab.
Officials don’t believe he intended to use the information, only to show that he was able to access it. The perpetrator hasn’t been named because he’s a juvenile. He has, however, been charged with computer trespass, unlawful possession of personal identification information and ID theft, all felony charges. He is scheduled to make an appearance in Saratoga County Family Court later this week.
The vendors who failed to secure the employees’ personal information have not been identified or charged.
Because you never know who might be allowed access to your personal information, it’s essential that you take your protection seriously. Visit LifeLock.com to learn more about their award-winning identity theft protection services. Enroll in the service trusted by nearly 1.5 million Americans, and use the LifeLock promotional code Defense to get the best price and 30 days of free LifeLock protection.
