Daniel Borunda reports:
The private information of thousands of El Paso Independent School District students, teachers and other employees is at risk after hackers broke into the district’s internal computer network.
The security breach was discovered Wednesday when a computer security company noticed hackers bragging on a website about breaking into the EPISD system.
EPISD officials confirmed that the district’s internal network (myepisd.org) was infiltrated and that hackers gained access to information such as names, birth dates, addresses and Social Security numbers of district employees and students.
Read more on the El Paso Times.
The hackers’ post referred to in the story seemingly was posted on Pastebin, but has been removed as of the time of this posting. A cached copy, still currently available, shows that ethnicity data were also acquired. The hackers, who identified themselves as -Sy5t3mF41lur3 & t3hblackhatter of H05t_Bu5t0rz, did not display any dates of birth in their proof of intrusion, nor Social Security Numbers. Their post reveals the names, ethnicity codes, and student ID numbers for 26 students. There are no other personal details revealed.
Gaby Loria of KVIA notes that the server contained the district’s internal network includes names, addresses and Social Security numbers for approximately 63,000 students and 9,000 teachers.
The alert to parents is posted in both English and Spanish on the district’s home page.
There is no explanation of why the district had failed to encrypt the sensitive information.