The Association of Interim Teachers of the Region of Murcia (Aidmur) issued a statement on Tuesday in which it indicated that the Data Protection Agency investigates “Strong indications of possible irregularities” in the Ministry of Education after hacking the personal data of thousands of teachers in the Region. The opening of the file is the result of the complaint filed by Aidmur after the computer attack.
On March 7, the Computer Services of the Autonomous Community of the Region of Murcia issued a statement in which they announced that the Ministry of Education had been the target of massive computer attacks on its ‘online’ platform. In this communication, they indicate from Aidmur, It was not specified whether these attacks had been successful, or whether the hack had affected the personal data of the 37,500 teachers found on this platform. However, during the following days, several teachers in the Region detected that their bank accounts had been modified in the app. From the Association of Interim Teachers of the Region of Murcia, “in view of the absolute lack of response from the Ministry to the complaints of those affected”, they then decided to go under the protection of the Spanish Agency for Data Protection, since they assume that “if bank accounts have been modified, it is possible that even the most sensitive data could have been exposed, because within the platform there are also documents such as academic records, degrees, teaching experience or exam marks ». Now, the AEPD responded to this complaint by opening a file in which it will investigate the scope of the security breaches and the possible responsibilities, since it sees “solid indications of possible irregularities” in the actions of the Ministry of Education.
The Aidmur spokeswoman, Sara Henarejos, reported that, once the computer attack was detected, “the only action requested from the CARM computer services was password change up to four times during the weekend, also generating the blockage in many of the accounts necessary for the teaching activity. This is added, as Henarejos denounces, to «other bad practices in the matter of computer security that have been carried out by the Ministry of Education, such as the massive creation of accounts with common passwords, the failure to request a change in the first access or non-use of 2FA security, consisting of two-step authentication «. Bad practices that, according to the spokesperson, “could lead to serious infractions with the current legislation in hand.”
In addition, Henarejos recalled that the ultimate management of student data on the digital platform rests with teachers, who do not receive training on data management in the virtual classroom, which represents “an added risk for the security of both the students as well as the teachers. “The Ministry of Education cannot continue to hide its head in a matter as serious as the fact that the banking, academic and personal data of tens of thousands of people may have ended up in the hands of hackers. Bad practices must have consequences and it is not acceptable that nobody assumes their responsibility and that they hide information from the affected people, ”said the AIDMUR spokesperson.
#interns #reveal #Data #Protection #investigates #irregularities #Education #Educarm #hack