Two New York high school students enrolled at Madrid-Waddington Central School are facing third degree felony charges of computer tampering for allegedly accessing school district computers and changing records.
Fox10 reports that the two youth, who have been identified as Mathew Hayes and Nicholas Ladoceour, allegedly accessed attendance, disciplinary, and grade records via the school’s intranet. According to Syracuse.com, the two are accused of deleting some of those attendance and disciplinary records, and changing some grades. It is not yet known how many students had their records altered, or if the alterations included the boys’ own records, too.
Superintendent Lynn Roy told CNYcentral.com that it’s the first time in the nine years she’s been superintendent that computer security has been breached. The district learned of the breach on April 20 and immediately referred the matter to state police while they began investigating.
The district and the state police are still investigating the incident to determine how the boys may have gained access, while the district also continues to attempt to determine how many students’ records have been altered. The breach was likely facilitated by an error that exposed exposed employee login credentials in an unsecured folder on the district’s intranet. The district’s managed IT provider, Northeastern Regional Information Center (NERIC), has taken responsibility for that error.
In the meantime, parents have been sent a letter.