.

UPDATED: Plainfield Schools Job Application Website Hacked

District 202 spokesman said officials are still working with the company that owns the website to determine the extent of the breach, but said no social security numbers were compromised.

Updated, 10:50 a.m. Oct. 15:

A representative of Apex Solutions, the company that owns the job application website used by District 202, on Monday said the security breach happened when someone used an authorized District 202 acount to access the district's employment application database.

"AppliTrack was not hacked," Keith Westman, Apex's vice president of sales and marketing, said in an email. "Someone used an authorized Plainfield 202 username and password to access their database of employment applications to send an obscene email."

Westman said the district is working to determine how either an internal or external individual obtained the username and password. 

"We worked with Plainfield 202 over the weekend to assist them in their investigation and to offer any assistance we could," Westman said. "The website, www.applitrack.com, exceeds every security standard and takes very seriously the security of the data entrusted to our service."

Original story:

Anyone who applied online for a job in District 202 over the last few years got a nasty surprise on Saturday, after a hacker breached security on a website used by the district for employment applications.

On Saturday, current and past applicants received an “inappropriate and offensive message” from whoever hacked into the online job application system, Community Relations Director Tom Hernandez said.

He said messages were received by “tens of thousands” of people, putting the latest estimate at about 23,000.

One past job applicant said she got a message Saturday titled “Plainfield School District 202 has had a security breach.”

The message, which addressed the applicant by name, contained a racial slur and boasted about hacking into the system.

Hernandez said District 202 officials have been in touch with the company that owns the website, www.applitrack.com.

The website was shut down early Saturday evening, according to a message sent out by the district Saturday night. Hernandez said school district officials are still working with the company to determine exactly how much information was compromised.

“What I can say with certainty is that it did not gather [social security numbers] because we don’t ask for that on job applications,” he said.

Hernandez said the district believes the same hacker was behind a similar internal attack on District 202 systems.

“Our website was hacked in the past and we addressed those security issues,” he said.

District 202 has contacted local police, along with the FBI, Hernandez said.

“We plan to prosecute to the fullest extent possible,” he said.

On Saturday night, the district sent out an automated message notifying the District 202 community.

“This system is not part of District 202's network, therefore, we do not control it. However we are working with the company that runs the system to determine the scope of the problem and resolve the issue. The website has been shut down as of about an hour ago.

"We have also contacted the police and FBI and plan to prosecute the responsible party to the fullest extent of the law. We will update this message when new information becomes available. Our sincere apologies to those who were affected by this security breach and to everyone for this intrusion into your Saturday evening,” the message read in part.

Tim October 14, 2012 at 07:08 AM
why is the district not performing its own security tests on the companies it uses? This is standard procedure just about everywhere that deals with personal information, and it would have caught this long before any breach occurred. Just because you decided to outsource it, doesn't mean you give up all responsibility on it. That's the ugly downside of outsourcing that nobody ever seems to want to address. The site in question uses easily hackable aspx pages, its easy enough that it could have been done by some kid in high school.
Hurtin Anfrustrated October 15, 2012 at 07:58 PM
This is a result of budget downsizing no matter how you slice it or spin it!! Want to get mad? Then go to the source, Madigan and his Gang of Democrats in Springfield......BALANCE THE BUDGET AND PAY THE SCHOOLS THEIR MONEY LIKE YOU PROMISED TO DO!!!!!! Did you think there is nobody out there that is looking for a little payback for losing their job? Lets just hope we can get handle on this ASAP.
Tim October 16, 2012 at 05:53 PM
Spoken like someone who is blissfully unaware that the teachers union was who lobbied to divert the pension funds. They wanted the money to go to the fund that pays out every year, into the operating budgets of districts, instead of into their own pension plans. Now, they have put out the message that 'they were cheated out of money they were owed', when they were the very ones who asked for it to be diverted in the first place. This teachers union is out of control, and has lost every ounce of credibility it may once have had. The longer they attempt to treat the voters like complete idiots, the harsher the penalties will be on all of them. If you are a teacher, it would be wise for you to distance yourself as far from the union as possible. They are lying to you, more than they are lying to the voters.
John Tips October 24, 2012 at 03:26 PM
Maybe our district should spend some money on internal security issues by hiring an IT Specialist? Why are we paying Hernandez - since his comment “OUR WEBSITE WAS HACKED IN THE PAST AND WE ADDRESSES THOSE SECURITY ISSUES,” was obviously false! This mouthpiece of district 202 - has to go people! This guy is overpaid for providing us with this confused response! Obviously if they were hacked before - then this should have never occurred! Furthermore shifting the blame for District 202s (poor password security) to Apex solutions - only furthers our opinion that District 202 is in trouble! We taxpayers spend a huge sum of our money on this district which obviously is in need of both administrative and financial overhaul!
Greg October 24, 2012 at 05:06 PM
Who is the school districts IT director & what are they paid????

Boards

More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something
See more »