.

Hatrick ‘Deeply Concerned’ About Security Breach On School System Vendor Website

In a message to parents, the superintendent said measures are being taken to prevent future problems.

LCPS Superintendent Edgar Hatrick informed parents Tuesday of a security breach with a school system vendor. Credit: LCPS
LCPS Superintendent Edgar Hatrick informed parents Tuesday of a security breach with a school system vendor. Credit: LCPS

A software vendor contracted by Loudoun County Public Schools has reported a security breach to the school system, according to a message sent to parents Jan. 7.

SEE UPDATE HERE

The message, from Superintendent Edgar Hatrick, identified the vendor as Risk Solutions International, which maintains the LCPS Emergency Management Plans. Personal information about students and staff members normally restricted to authorized LCPS personnel can be found on the website in question. The information on the site is restricted for use in emergency situations, according to Hatrick’s message.

Risk Solutions immediately took the site offline while fixing the problem, according to the message.

“I have insisted that they take all necessary steps to ensure the complete privacy of our date,” Hatrick wrote, explaining that Risk Solutions indicated that human error caused the problem. “That said, I am deeply concerned that the breach occurred and have taken every possible precaution to make sure it does not happen again.”

It's unclear whether anyone accessed the information or how long the security issue existed, according to The Washington Post.

Hatrick’s full message to parents:

This is Edgar Hatrick, the superintendent of Loudoun County Public Schools. Recently, the school system was informed of a security breach involving one of our software vendors. The vendor, Risk Solutions International, maintains the school system’s Emergency Management Plans.

The website contains some personal information about students and staff members that is normally restricted to authorized LCPS employees only for use in emergency situations. The vendor site was immediately taken down while the vendor fixed the problem. Risk Solutions International acknowledged that human error, on their part, was the cause of the data breach.

I have insisted that they take all necessary steps to ensure the complete privacy of our data. That said, I am deeply concerned that the breach occurred and have taken every possible precaution to make sure it does not happen again.

Thank you.

startyourblender January 08, 2014 at 10:05 AM
I'd really like to know why Hatrick too so long to get the note out to parents, and why his communication contains *zero* details on what specific information was potentially exposed.

Boards

More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something
See more »