ROCKVILLE, Md. - Officials now say nearly 6,000 students from six different schools in Montgomery County had their personal information exposed during a data breach that was discovered earlier this year in what they are calling a "brute force attack."
The incident, which occurred in October, was originally thought to have involved approximately 1,300 students with ties to Wheaton High School in Silver Spring after an unauthorized user gained access to and downloaded information from their Naviance accounts.
Naviance, an online college and career readiness program, notified Montgomery County Public Schools on October 4 regarding the breach they say happened a day earlier.
School officials now say that after further investigation the unauthorized user accessed and downloaded information from the Naviance accounts of a total of 5,962 students from six different Montgomery County Public Schools. The additional data breach occurred in September of this year.
Altogether, students at Wheaton High School, Montgomery Blair High School, Julius West Middle School, Argyle Middle School, Parkland Middle School, and A. Mario Loiederman Middle School were impacted, officials say.
The information believed to have been exposed includes names, dates of birth, highest ACT scores, ethnicity, grade levels, highest IB scores, gender, student ID numbers, student addresses, GPA scores, weighted GPA scores, home phone numbers, email addresses, highest SAT scores, mobile phone numbers, assigned counselors, highest PSAT scores and nicknames.
Officials say accessed information did not include social security numbers, banking information, or credit card information.
At this time the student currently faces disciplinary action as well as possible criminal charges.
Parents can request a free credit freeze for their child, check to see if their child has a credit report and review information on child identity theft from the Federal Trade Commission.
Parents can email the school at: email@example.com for assistance.