UPDATE: Post updated at 5:24 p.m. with new information from SPS.

Seattle Public Schools spokesperson Teresa Wippel confirmed that someone has been stealing teacher passwords and altering grades, but added that there was no way to be sure yet it was the handiwork of students.

Wippel said that the district has found out that "grade book grades (not final grades) were changed." "We do not know by whom … But we know when, and from where," she said.

Wippel added that the district was investigating the issue. The Stranger reported on an anonymous tip earlier today which included a memo from SPS's Chief Information Officer Jim Ratchford warning employees about a security compromise to their network log-in credentials.

Wippel said that someone had used key loggers to get unauthorized access to district systems. "These things that they insert into the USB port works the same way as the things inserted into cash machines, so that when the password is entered, it captures every key stroke."

Wippel said that the first time it came to the attention of the school district was when a teacher at Ingraham High School became suspicious about a password problem 10 days ago. "She was having trouble logging in," Wippel said. "But we only found hard evidence, as in the actual device itself on a computer at Ingraham, within the last day."

The district is still investigating the seriousness of the compromise, Wippel said, adding that so far it involved the Easy Grade Pro grade books, which teachers use to enter initial grades. SPS teachers usually use two different kinds of grade books: Easy Grade Pro and eSIS, where parents can log in and see the grades. The eSIS system has not been compromised, Wippel said.

"So the next step is for teachers to double-check their grades to make sure that nothing has been changed," she said. The district has no idea how many computers have been compromised by key loggers. Wippel said that teachers have separate computer workspaces assigned to them, "but I am sure there's lots of computer sharing,"

Wippel said that Ratchford and his team were investigating preventive measures to avoid future problems like this. The first thing that they researched involved a security device that would cost $45 per computer. "The preventive measures are pretty expensive," Wippel said. "We are continuing to research them."

When I asked Ratchford whether any software-based key loggers had been used, he said that SPS was "in the process of assessing the situation. [We] do not have details at this point and no pictures. We are monitoring the system activity for unusual behaviors. Therefore, no one should be able to access SPS computers without authorization."

We all know that key loggers are not sophisticated ways to hack a computer. Usually kiosks and lab machines are locked down by group policy which prevents non-administrator users from installing programs. If the district was allowing anyone except teachers to have enough privileges on these machines to be able to install programs like key loggers, then I am not really surprised this happened.