A few weeks ago, officials at Fairfax County Public Schools thought they had a hacker on their hands.
Someone was changing teacher passwords on the Falls Church, Virginia, school district’s Blackboard system, which is used to give teachers, students and parents a way to communicate and stay on top of homework assignments and class announcements over the Web.
Local police were called; they investigated and traced the incident to the home of a 9-year-old student at the school. Although police initially thought that the Blackboard system had been hacked, it turned out that a Fairfax student — who has not been identified — had simply taken a teacher’s password from a desk and used it to change enrollment lists and other teachers’ passwords.
“This was a case where an individual … got hold of a teacher’s password, and the passwords had administrative rights,” said Paul Regnier, a school board spokesman.
The student was able to enroll teachers in classes, and when he did so he could modify their passwords on the Blackboard system, but there wasn’t much more he could do, Blackboard representatives said. The intruder couldn’t, for example, change grades or access other machines on the school’s system.
That didn’t stop some local papers from reporting the incident as a computer intrusion, a characterization that both Regnier and Blackboard now dispute. “It was actually not a hack, unless you consider the fact that the 9-year-old took the teacher’s username and password from the desk a hack,” said Michael Stanton, Blackboard’s senior vice president of corporate affairs.
Although there will be no criminal charges filed against the perpetrator — citing school policy, Regnier wouldn’t confirm that it is a student — the Fairfax school board is taking the incident seriously, Regnier said. “Nothing bad happened this time, but we have to make sure that … it doesn’t happen again,” he said.
The key, he added, is keeping passwords safe from prying eyes.