Ann Costantino reports:
A massive security flaw has been detected that allowed unrestricted access to highly sensitive records pertaining to students, staff and internal school system data on a Baltimore County Public Schools (BCPS) public facing website.
The system’s BCPS One/Schoology platform, where students are able to access classes, grades and academic resources online, is the source of the breach where anyone with a password – including students, parents, and staff members – have had access to personal student and staff member information, as well as some sensitive school system records.
Some records found go back to the 2008 – 2009 school year.
Read more on The Baltimore Post.
h/t, Cheri Kiesecker