We just received a tip that Seattle Public School students are using high-tech to steal teacher passwords, hack systems, and alter grades. I am waiting for SPS to confirm this.

According to an email sent by the district's Chief Informational Officer Jim Ratchford at 11:15 a.m. today to SPS employees, including Interim Superintendent Susan Enfield, Department of Technology Services has determined that network log-in credentials "are being stolen and used to inappropriately access district systems."

The email, whose subject line reads "Unauthorized Access Warning," says that the incident "appears to have been going on for the last few weeks, possibly longer." "At this point, we are aware of this happening at these schools: Ballard, Ingraham, and Sealth. However, all schools and teachers are at risk," Ratchford says in his email.

More information on the hacking from Ratchford's email, which was leaked to us by an anonymous SPS employee:

How is this happening? Someone is inserting a device called a “key logger” into computers — using a USB connection, a key logger is inserted into the computer’s USB port and the keyboard cable into the key logger. The key logger looks like the device below — similar to a keyboard or mouse wireless device or a flash drive and difficult to distinguish as out of the norm.

What does this mean to you?
1) What is happening: Teacher log-in passwords are being stolen and used to change grade book grades in Easy Grade Pro.
2) What do I do? Please check your desktop and/or your presentation computer for any unknown devices.
3) What do I do if I suspect my password has been stolen? Contact the TechLine at x20333 to identify your machine and log-in as compromised. They will help you change your passwords.
4) Check your students’ grades. Consider comparing EGP grades with the eSIS grades, and if they are different, it’s likely that your grade book has been compromised.

Please — Do NOT use your username and password on a computer without first checking it for such a device.

We are exploring options to address this problem. At this point, the best mitigation is to visually check your computer for the key logger device.

Also, I need to emphasize that key logger devices capture all keyboard key strokes. Therefore, while the incidents we are experiencing appear to be focused on acquiring and using teacher log-in credentials, a key logger is also capturing: email messages, Internet URLs, personal accounts information (e.g. banking), etc.

If you have any questions, please do contact me and I or someone from the DoTS team will get back with you.


Jim Ratchford
Chief Information Officer
Seattle Public Schools

An SPS employee compared the whole unfortunate situation to "War Games, but not as cool."