(WSVN) - A cybersecurity breach at a South Florida school. A student hacked into teachers’ computers — but was never criminally charged. 7’s Brian Entin investigates.
A new school year is about to start at Miami Springs Senior High — but a hacking incident last school year has the district tightening security.
Brian Entin: “How serious is this?”
Paul Debogorski, South Florida Cybersecurity Investigations: “It can be very serious.”
7News has learned a high school senior was able to hack into the school’s computers and change between 25 and 30 grades.
The student had access to teachers’ computers because he was helping the school build a website.
The district says he used a device known as a “keylogger” to get teachers’ logins and passwords, and use that information to to change the grades.
The school district says the “keylogger” the student used looks like a flash drive.
He plugged it into the teachers’ computers and it recorded everything they typed.
Paul Debogorski: “It is completely invisible to whoever is working on the computer at the moment, and it records every keystroke that the person types in on the computer.”
Paul Debogorski is a cybersecurity expert. He has worked for school districts and the federal government.
Brian Entin: “Is this criminal?”
Paul Debogorski: “Yes, it is. Because it constitutes gaining access to a system without the permission of the system owner, which by itself is a crime under federal law.”
The high school student was eventually caught when a teacher noticed the wrong grades, but he was not criminally charged — which upset some teachers and students.
A student even tweeted the superintendent back in May about the situation, and he responded, “Your tweets have been referred for official investigation.”
7News has learned the school did an “internal review,” interviewing students and notifying parents — but despite the seriousness of the hack, there was no police investigation.
Paul Debogorski: “There is the potential that the teachers, or whoever was affected by this, could have entered personal information, like their social security number, private information, their children’s information.”
Miami-Dade Schools says they took action after the hacking incident.
Teachers were required to go back and correct changed grades. They were told to change their usernames and passwords. And from now on, students will not have access to teachers’ computers.
Because of privacy laws, the district can’t release information about the student. But they say he learned a “hard lesson” and was disciplined. Sources tell us he was not able to go to prom or walk at graduation.
MIAMI-DADE COUNTY PUBLIC SCHOOLS STATEMENT:
“A Miami-Dade County Public Schools (M-DCPS) student has learned a hard lesson after violating the trust of his teachers and peers. He was disciplined according to the Code of Student Conduct, and any grades that were altered were immediately corrected. The curriculum for students who assist teachers is being revamped to ensure that these issues do not occur in the future. As always, values do matter at M-DCPS, and we will continue to work diligently to promote a culture of honesty and integrity among our students.”
– Jackie Calzadilla
Media Relations Director
CONTACT INVESTIGATES:
305-627-CLUE
954-921-CLUE
clue@wsvn.com
Copyright 2024 Sunbeam Television Corp. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.