Bettering Plainfield with the facts since 2005

Friday, January 21, 2011

UPDATE: District notice on Plainfield schools' website hacking

Visitors to the District's Genesis portal got this message today.
UPDATE, SUNDAY:  Maria reports the District has put up a press release on the hacking incident (see here, PDF). Not exactly rapid response, but it does the job. Question: It's from the Interim Super, on letterhead; was it mailed to all stakeholders, or just put on the website?

Genesis, the Plainfield
school district's parent/teacher portal, evidently was hacked sometime during the week.

The first I knew of it was in preparing this morning's CLIPS blog, where I found mention by Maria Pellum on her blog (see here), though evidently the problem has existed since Monday.

Received an email from Maria this afternoon advising that personal information about at least one student had been posted on the Ledger's NJ forums (she says it has subsequently been taken down). Here is a link to a screenshot (here) of the image posted on the forums.

Maria's question is whether the parents should be told.

Putting on my old public information officer hat, here is my suggestion --

ABSOLUTELY there should be a public notice put up on the website and sent out to the media, with at least the minimum following details:
  • Info about what portions of the Genesis portal were hacked
  • When the District found out
  • What the District has done/is doing about the problem
  • Apology for any inconvenience
  • What remedy the District will pursue once the perpetrator(s) are identified
  • Contact information for queries to the District
Alacrity and transparency when it comes to accidental divulging of information about stakeholders will go a long way to reassure everyone that the situation is in hand and remedies are being devised.

And, it will reassure the public that PROFESSIONALS are in charge at the District.

It is quite disappointing to find at 3:30 PM that no further information is available on the District website about a problem that is several days old. In addition, there are worries about whether the credit card numbers and passwords of parent who pay for school lunches through the Genesis system have been compromised, as well as whether students' Social Security numbers have been stolen.

-- Dan Damon [follow]

View today's CLIPS here. Not getting your own CLIPS email daily? Click here to subscribe.


Anonymous said...

The site that is used to pay for student lunches is not Genesis. Too my knowledge the site that is used does not feed data to Genesis. The district should be able to confirm this.