Dian Schaffhauser reports:
A Washington State man has been sentenced to 10 years in prison after pleading guilty to 31 counts of criminal activity, most related to a school district data breach. Christopher Berge, now 21, was a student at Mountain View High School in Evergreen Public Schools when he “shoulder surfed”–physically observed–a password used by a district employee.
Berge later used the password to gain access to the district’s student information system, hosted by the Washington School Information Processing Cooperative (WSIPC). From there, he was able to gain access to the payroll data of another district in the state, Vancouver Public Schools. That data included bank account information, Social Security numbers, and birthdates of 5,000 current and former school district employees, according to documents posted on the Vancouver district’s Web site.
Read more in THE Journal.