This appears to be a defacement, but until the forensics are complete, we won’t know if any information has been accessed or acquired.
Becky Wright reports:
The website of a company used by Weber School District, “MySchoolFees,” has been compromised. Parents and students are being asked to stop making online payments through the site until further notice.
The school district announced the security breach Tuesday on its website and through a posting on its Facebook page.
Read more on Standard Examiner.
Of note: TES Software, who provides the MySchoolFees service, pays Trustwave Spiderlabs Forensics to attack its website every month to test security. Wright reports that a forensic team from Spiderlabs will be examining an image of the hard drive, to conclusively determine if any data was compromised.
“When we find out, we’ll release that report,” said Tatton.
According to Tatton, more than 200 schools use the service. Each of the schools was immediately notified of the breach, and the 140,000 associated parents who have made payments on the website will receive a letter.
“We’re doing everything to make sure we stay transparent,” he said.
Nice. Also nice that they had a made a decision not to permit credit card numbers to be stored. Less convenient for parents, but more secure.
TesSoftware.net and MySchoolFees.com sites are offline as of the time of this posting.