After a computer breach that jeopardized thousands of students' personal information, the Lancaster County school district is looking at new ways to secure records.
Earlier this month, school officials learned that hackers infiltrated a database of student and employee information and stole passwords that can access names, Social Security numbers, birth dates, addresses and phone numbers for some 25,000 current and former students and 2,500 district employees.
"It is our understanding that the hackers then used the passwords to access students' and employee data in the state system," Superintendent Gene Moore wrote in an April 12 letter to families.
District leaders aren't sure whether the hackers actually took any information.
Never miss a local story.
"We don't know that they got anything, but the potential is there," district spokesman David Knight said.
Families and employees are advised to closely monitor financial statements and report any suspicious activity to the financial institution involved and contact the Federal Trade Commission.
State and federal investigators believe the hackers were working out of Russia, said Lydia Quinn, the district's director of planning and accountability.
Upon learning of the breach, officials shut down the system and have since changed all passwords, Quinn said. They also contacted anyone whose information was stored in the district's database within the last decade.
The S.C. Department of Education is not aware of similar hacks in other school systems, spokesman Jim Foster said.
In an age when doing business online is a way of life and modern conveniences depend on databases, massive computer breaches are increasingly common.
The Pentagon Federal Credit Union, McDonald's, the University of California and the NASDAQ stock exchange all have been hacked.
Earlier this month, cyber thieves stole what could be millions of individual customer names and email addresses from Epsilon, a Dallas-based marketing firm that manages email services for hundreds of companies including Citigroup, JPMorgan Chase, Best Buy, Amazon.com, American Express, Verizon and the College Board.
"One mouse click can open up a whole system," Lancaster County school board member Don McCorkle said. "There's a danger that, regardless of how strong your security programs are, there's a breach somewhere."
South Carolina school systems store student information in a web-based electronic warehouse called PowerSchool. The system, which the state added this year, gives educators quick access to scores of valuable records. It even allows parents to check online to see their student's test grades, scores on assignments, schedule, messages from teachers and even whether their child attended class on time.
McCorkle said the district works to keep that information secure with the latest firewalls and antivirus programs.
"We haven't been slack on any of that," he said. "Our IT person is extraordinarily capable. It just takes one person somewhere to innocently open a crack, and it's all open."
Lancaster County district leaders are looking to take the most sensitive student information - such as Social Security numbers - offline so it would be unavailable during a breach, Knight said. Archived information from previous students also will likely be taken offline except for when it's needed, Quinn said.
Since the breach, the district has received 20 to 25 calls a day from people with questions about it, Quinn said.
Not all parents are worried, though.
"It's the new world we live in," said Kevin Sexton, whose daughter attends fourth grade at Indian Land Elementary. "If the Pentagon can be hacked and big banks can be hacked, school districts can be hacked.
"Nobody's safe anymore."