Jupiter Grades Password Update Advisory

 
Security Alert Message from Jupiter Grades
 
Please change your password! On Monday we discovered a security breach on one of our servers. We now found evidence that the hacker was able to collect your password if you typed it on the login screen. If they did use your password, it would have sent you the usual security alert, titled "Different browser today?" Even if you have not received that alert, we recommend you change your password as a precaution, and review your Access Log. If you see a suspicious login, review your gradebook Backups to undo any changes.
 
The hacker also collected passwords from students and parents if they typed it on the login screen, although they did not collect the school information that is required to login. Nonetheless, we have posted a security alert for students and parents to change their passwords. Today we also reset any temporary 4-character student/parent passwords, just in case the hacker had scanned those. That means you should reprint any Password Login Instructions you sent out recently.
 
The hacker did not target any particular school, and there is no evidence that they read any private data. It appears the hacker just wanted to break into the server for fun. Yesterday we took the servers offline as soon as the exploit was discovered, and we patched it shortly after. Security is our top priority, but hackers still manage to discover undocumented exploits. We are working overtime on this ongoing investigation, and we will keep you informed of any updates.
Published