The HISD says a hacker accessed a district computer to view the files of at least one student. The hacker also would have been able to see the records of thousands of other students, employees, and vendors going back ten years. But there is no evidence yet that any of that information has been viewed, or used for nefarious purposes. District spokesman Jason Spencer says the first priority in improving network security is figuring out exactly who is doing what on the system.
"Teachers, employees at various sites have really had free rein to download whatever software they felt they needed. And while we want to continue to give them the flexibility to access to the software that they need, we realize we need a tighter control on what's being downloaded, and make sure our technology folks are guiding them as they're going about this."
Spencer says the district is already working on a stronger network firewall.
"Another thing that's happening immediately is we're going to bring in a third-party from outside the district to review our entire security environment and make a plan to address any weaknesses."
Spencer says the network upgrades will be paid for with money that already in HISD's technology fund. The district is advising parents to review the student records that they have access to online and point out any discrepancies. The employees are being told to sign up for free fraud alerts through the major credit bureaus as a way to guard against the possibility of identity theft.