Schools

Plainfield Schools: No Evidence Hacker Accessed Job Applicants' Personal Info

The online job application system used by District 202 was shut down after someone was able to log in to an employee's account.

After someone used an authorized username and password to log in to the online employment application system used by District 202 — and used that access to send a nasty email to an estimated 23,000 job applicants — officials say they don't believe any personal information was compromised.

On Saturday, tens of thousasnds of people who had used the third-party website to apply for District 202 jobs received the message, which boasted that the system had been hacked.

District 202 Community Relations Director Tom Hernandez on Tuesday said the district had learned that whoever accessed the job application system did so by using an employee's username and password taken from a list on one of the district's servers.

Find out what's happening in Plainfieldwith free, real-time updates from Patch.

READ: Plainfield School District Reacts to Job Application System Breach

Over the weekend, Hernandez said officials believe the same person is behind a similiar incident in which someone was able to access the District 202 website. The district has been in touch with police and the FBI, and plans to prosecute to the fullest extent possible, he said.

Find out what's happening in Plainfieldwith free, real-time updates from Patch.

"We have no evidence that any unauthorized individual has actually retrieved and is using personal information that applicants or employees may have submitted to the district’s job application system," Hernandez said in a statement released Tueday evening. "We will post and send one last message by the end of the day on October 19, 2012 that will explain how to remove your information from the District 202 job application system, if you choose to do so."

On Saturday, Hernandez said he could say "with certainty" that whoever accessed the system was not able to gather social security numbers, since District 202 does not ask for that information its job applications.

A spokesman for the company that owns the job application website, www.applitrack.com, earlier this week stressed that the site itself was not hacked.

"Someone used an authorized Plainfield 202 username and password to access their database of employment applications to send an obscene email," said Keith Westman, vice president of Apex Solutions.


Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.

We’ve removed the ability to reply as we work to make improvements. Learn more here