Arlington Public Schools data breach compromises staff info

The data breach at APS affected sensitive information, including employee tax data.

Arlington Public Schools has been the victim of a data breach that compromised sensitive employee information, including tax data, according to an assistant superintendent.

About 28 district employees and their W-2 tax forms were first affected by the breach, according to ARLnow, which reported the initial attack last week. The scope of the breach widened this week, when officials sent a letter to staff that 40 more employees had been impacted.

APS officials said an unknown party logged into the district’s secure data system, STARS, as an employee.

“To do this, we believe the perpetrator(s) obtained the personally identifiable
information for some APS employees from an unknown source,” officials wrote to employees. “The information was then used by the perpetrator(s) to
perform a “self-service password reset” for the individual APS employee’s STARS account, giving that party access to the
employee’s information.”


Officials said they are taking extra precautions to ensure that another breach does not happen, and have notified the FBI and Virginia attorney general’s office.

The district also contracted with AT&T’s cybersecurity unit to assist in the investigation and “perform a complete threat assessment for all of our APS systems,” according to a letter. Officials told employees in an email that they changed the STARS password for all the accounts, and disabled the “self-service password reset” feature, putting in an extra step to reset the codes.

Another expert pulled into the investigation is Naren Kodali, a professor of Information Security at George Mason University.

“With the help of the outside organizations and experts that we have hired, our entire team in the Department of Information Services continues to focus on the ongoing investigation,” they wrote to employees.

Linda Erdos, assistant superintendent for school and community relations, said in an email that administrators are keeping their employees in the loop about the ongoing investigation.


Companies like VMware are ramping up their K-12 cybersecurity services, with officials warning that breaches and identity thefts are occurring more frequently in schools.

This report has been updated to include more information from Assistant Superintendent Linda Erdos.

Reach the reporter at and follow her on Twitter @clestch and @edscoop_news.

Latest Podcasts