A University of Maine System forensic analysis of a late November IT security incident involving the Brightspace Learning Management System has found no unauthorized changes to grades or course shells.
The final report by David Demers, UMS chief information officer, confirmed that the Brightspace incident was contained wholly within the learning management system (LMS) and did not impact official student records or grades contained within the MaineStreet Student Information System (SIS).
A total population of 242 students had access to elevated privileges on Brightspace LMS from 8:30 p.m. Nov. 23 until 1 p.m. Nov. 25. Eighty of those students accessed 92 Brightspace LMS courses in which they were enrolled, with three exceptions.
In a Nov. 30 community message(External Site), Demers noted that any unauthorized changes to grades as a result of the elevated privileges would be restored. The final forensic analysis now confirms that no unauthorized grade changes or changes in any Brightspace course shells occurred.
The holiday weekend incident was the result of a technical alteration to a process UMS uses to synchronize course rosters between its official MaineStreet SIS and Brightspace LMS and was not the result of an internal or external hacking event. A permanent solution has been deployed to ensure no further synchronization errors occur.
The Brightspace LMS houses limited student information that is mostly considered directory information (name, email address) along with university ID, student enrollment and course-related activity, but not final official grades. No unauthorized access was granted to the MaineStreet SIS and, therefore, official student records and grades were not compromised.
Instructors and the 2,463 students enrolled in the courses were notified by Nov. 30 that Brightspace profile information and/or course enrollments may have been viewed via unauthorized access.
“We are grateful to the individuals who alerted us to this issue as well as everyone involved with investigating and resolving the issue promptly,” says Demers, who oversaw the forensic analysis. “We acknowledge and thank our UMS colleagues who have played a role in tracking, resolving and investigating the incident over the past several days. The strong team effort played a significant role in our ability to contain the issue and fully understand the impact.”
Original source can be found here
Alerts Sign-up