FCPS refutes state's version of breach
The student data breach that came to light last week, also included names from schools outside of Frederick County, said Michael Doerrer, spokesman for Frederick County Public Schools.
Doerrer said FCPS alerted MSDE because the data contained "an identifier code that was not an identifier for FCPS, but for another Maryland district." FCPS notified the Maryland State Department of Education, he said, “when it became apparent in September that it [the breach] likely originated from MSDE.”
In statements issued in the past week, FCPS top brass has linked the breach to MSDE. In an unsigned statement on its website, FCPS said on Dec. 18 that a multi-agency investigation “indicated that the information may have been obtained from the MSDE system (FCPS is legally required to share student data with MSDE). Indeed, MSDE determined that its system was attacked. It has since taken steps to increase the security of its system.”
MSDE released a statement today that pushes back on FCPS’ version of events regarding the discovery of a website selling at least 1,000 former Frederick County public school students personal information, including name, date of birth and social security number.
In a statement emailed to The Frederick Extra, MSDE spokesman William Reinhard said:
“The Frederick County Public Schools on Sunday released a statement on its student data loss that runs counter to the facts as State officials understand them,” the statement
The statement concluded that:
“The final report from the Multistate Information Sharing and Analysis Center indicated that it was unable to determine where the breach occurred. There is no evidence that the breach occurred at the Maryland State Department of Education or, more specifically, that State Data systems were breached.”
