PENDLETON — The Pendleton School District is shoring up its cyber security system after a student gained access to its emails and classroom platforms on Oct. 12.
Superintendent Chris Fritsch said the student used the district’s email system to send cyberbullying messages to several students in the district in the morning. The district was already looking into the breach when the student hacked into the district again to post pornographic material into virtual classrooms at McKay Creek Elementary School and Sunridge Middle School in the afternoon. Fritsch said teachers noticed the pornography within a minute and removed it from their classrooms.
In an Oct. 13 email to staff, Fritsch discussed some of the consequences the student may face.
“Police will be continuing with their investigation and working with the District Attorney’s Office regarding any charges,” he wrote. “The District for its part will be determining the appropriate level of sanctions. The District is still gathering evidence as well and will determine the appropriate course of action once its investigation and review of the facts is completed.”
Pendleton Police Chief Stuart Roberts identified the student as a 13-year-old boy, but he wouldn’t go as far as to call the student’s actions “hacking.”
“Frankly, it’s not overly complex,” Roberts said.
Roberts said the student figured out the pattern to the passwords students were issued to access their emails and digital classrooms. The student then spent hours using the pattern to make educated guesses at what other students’ passwords were.
Roberts said he found out about the incidents Oct. 12, and by the next day, police were able to trace the messages back to the student with the help of the district’s IT contractor, the InterMountain Education Service District. Roberts said the police met with the student and his parents, where he admitted to accessing the school’s systems.
Roberts said the district will refer the case to the Umatilla County District Attorney’s Office in the coming days, but he added the outcomes for youths can vary.
The district is now trying to prevent their system from getting breached again.
In the email to staff, Fritsch said each school would now be able to manually change passwords instead of having to rely on the IMESD IT department. The district is also having students change passwords and reinforcing that all passwords are to remain confidential. Staff will also be trained in how to take additional digital security measures.
“Unfortunate as it is, there is an ongoing presence on the internet of those who are looking for access and weaknesses in school systems for the purpose of disrupting or causing harm to students and the educational process,” Fritsch wrote. “We will continue to evaluate yesterday’s events and will implement upgrades to security as needed.”
The system breach adds another factor in what’s been a difficult year for the Pendleton School District as it tried to offer public education during the COVID-19 pandemic.
With the effects of the pandemic punching a hole in the state budget, the district had to revise its request for money from the Student Success Act from its original $2.4 million to $773,771. That means the district will have to forgo some of the new positions it created, like a heritage language teacher, a music teacher and several instructional assistants.
At an Oct. 12 school board meeting, Fritsch said he was glad the district was able to continue its expansion of its mental health support staff because schools were reporting that a growing number of students were suffering from mental health issues as a result of not being able to go to school in person.
“There’s only one remedy for that, and it’s the thing we can’t do: get all of our kids back into the buildings in a strategic manner,” Fritsch told the board.
Kate Bodewig, the president of the Pendleton Association of Teachers, said teachers were also struggling with their mental health, equating the experience of seeing teachers break down with watching her father cry for the first time.