A data breach that affected school software company Raptor Technologies may have left some Northern Virginia school systems’ information vulnerable.
Arlington Public Schools, for one, uses the company’s software for its visitor management system, the school district said in a memo to staff and families Friday.
Chief Operating Officer John Mayo wrote that the school district doesn’t know what specific information may have been exposed or if anyone accessed it.
Raptor Technologies contacted the school district “regarding the discovery of some APS data that was externally exposed for an unspecified time frame,” Mayo said in the memo.
The breach affected many school systems across the country, Mayo wrote, and “upon learning of the breach, Raptor secured the accessible information and initiated an investigation.”
ARL Now first reported the breach.
Arlington schools uses the system to manage volunteers and visitors in schools, Mayo said.
June Prakash, president of the Arlington Education Association, said system usage varies from school to school. Sometimes, school guests sign in on paper and get a guest pass, she said.
“The biggest concern would be if I have gone into a building, and I have the ability to scan my driver’s license instead of just typing my first and last name in and getting a visitor badge,” Prakash said. “That would concern me that there is that type of information and how that could be used in a data breach.”
It’s unclear whether visitors’ driver’s license information may have been vulnerable in the breach.
In the memo, Mayo said the school district uses “a limited number of services offered by Raptor, compared to the full range of its capabilities.”
“APS is working with Raptor regarding this issue and will provide additional information when we know more,” Mayo said. “The safety of our students, staff and community is our utmost priority, and we will continue working with Raptor to ensure that all necessary steps are being taken to safeguard the information in Raptor.”
It’s the first time Prakash said a breach of this type has happened in the eight or nine years she’s been with the school division.
“If someone has my information, is it a big deal? Is it not a big deal?” Prakash said. “All we ever want as employees are just answers to questions, and for administration to be really proactive in their answers and get ahead of the questions that we might be having.”
Raptor recently told Prince William County Public Schools about the breach, a schools spokeswoman said. The school district has notified federal law enforcement and is investigating the extent of the breach.
However, the spokeswoman said it doesn’t appear that “any significant protected personally identifiable information was released and no PWCS network or passwords were compromised.”
Meanwhile, a spokesman for Loudoun County Public Schools said, “Raptor is part of our security efforts, therefore, we do not discuss it publicly.”
Get breaking news and daily headlines delivered to your email inbox by signing up here.
© 2024 WTOP. All Rights Reserved. This website is not intended for users located within the European Economic Area.