Did Google hack a middle school?
For Google, a dispute over student information found online via Google has turned into a legal fight. On Friday, North Carolina Superior Court judge Richard D. Boner (yes, that's his name) issued a temporary injunction ordering the search engine to remove information about the Catawba County Schools Board of Education. The dispute began last week when the Hickory Daily Record reported that a student's parent had found the names and Social Security numbers of 619 middle-school students in a Google search. The school claimed that Google had broken through the password protection on the school's website to access the page; a Google spokesman said that was impossible.

Techdirt feels that the school should get its own injunction against stupidity. "It certainly sounds like the school district left the information open, and doesn't want to admit it," observes Techdirt, and the injunction seems pointless, given that a lawsuit is "bound to fail." SearchEngineWatch doesn't buy the school's story, either: "Someone at the school must have left an opening for Google."

What do you think? Did the school system do enough to protect its students' personal data? Leave a comment below.
Posted by Owen Thomas 10:09 AM 17 Comments comment | Add a Comment

The school's webmaster should be fired (or at least receive detention) for not only incompetence, but also for clearly false accusations. Even using the most basic authentication mechanism, Google's spidering engine would have been powerless to surpass it. Let's hope the school's administrators are fiercely reprimanded for placing their students' personal information in jeopardy.
Posted By Jason, Columbus, Ohio : 11:58 AM  

Sounds like someone at the school left something open. They should wake up and improve their security.
Posted By Ryah concord, ca : 12:05 PM  

I'd have to agree with the thought that the school district is to blame, obviously they left the data unprotected. Even if their web server was vulnerable, they shouldn't have had private or sensitive information on it in the first place. It seems the school and district need to do some learning of their own or hire someone that actually knows what they are doing.
Posted By Jeff Bledsoe, Lake Oswego OR : 12:14 PM  

It has nothing to do with Google. They were just stupid enough to leave the data open - the Google scooped it up like it was any other web based data.
Posted By Sam, Arlington, VA : 12:41 PM  

I have 2 questions....First, how is it possible for a search engine to 'hack' a web site and second, who in their right mind came up with a first and middle name for the Judge in this case!?
Posted By Steve, Deltona, FL : 12:43 PM  

It is definitely stupidity on the school's part. It makes them look even worse to try and pin the blame on Google rather than admit the mistake and then take the proper steps to correct it. Instead of blaming someone else, they need to revisit their security policies and make sure that the people they hire don�t make the same mistake again.
Posted By James, Vancouver, WA : 1:22 PM  

Did the middle school kids configure that network or something??

Sounds like a load of stupid running that IT dept...
Posted By G, Columbus, OH : 1:26 PM  

It's pretty clear to me. That this is even getting media attention is ludicrous, and only because Google's name is tied to it. If Google's algorithm's picked it up, it obviously was on an unsecure section of the website. I agree with someone above that the webmaster should be fired for his negligence. But he does get kudos for snowing an entire school board and a court into believing it may have been Google's fault.
Posted By roger511a@yahoo.com; Newark, DE : 1:59 PM  

Another case of people that do not understand computing claiming that "it's not their fault". I am sure they used a simple password protection scheme (htpass) without any form of encryption/SSL. Of course a search engine robot is going to recursively search pages so encrypt the data in a secure data base (not in a HTML doc). What a bunch of idiots. Hope banks do not hire anyone from that school.
Posted By Scott, San Franscisco, CA : 2:00 PM  

Whoever set up the schools site should be fired.
Posted By mike, LA : 2:12 PM  

This is just another case of someone playing the blame game. And as usual IT runs downhill. When the President, Vice President, and Congress do it other people will follow suit. At the root is incompetence and people's inability to realize they can learn from their mistakes. What happened to humility? Unfortunately, these people are "teaching" impressionable children. Ironically, these children probably knew more than the school administrators that a search engine does not "hack" into computers. Even I knew better than that. Remember: Question everything! (End of rant).
Posted By Jamie, Burnsville, MN : 5:26 PM  

What ever the case. Before you put the content open for public don't you have responsibility of inspecting it....
Posted By prasad, overland park, ks : 5:34 PM  

Hey the secondary and below level schools of today have no real experienced computer person to know what is safe and what is not safe when information is released on the internet. So schools need a safety net, which will not allow all information to be released to others.
Posted By Jack Bains,Fresno, CA : 5:59 AM  

Simple questions. What would a large dominant top of the line tech company gain by hacking into a little school gain? Any pro hackers can get into these schools if they really wanted to, but since they don't why would google want to?.......Google's got better fish to snap at.
Posted By Harry, New York, NY : 10:01 AM  

Question: If I leave my front door open and a thief walks in and steals my computer, does the fact that my door was open negate the fact that he entered my house without my permission? Google crawls onto things maybe it should not?
Posted By Gus, Montreal : 11:06 AM  

What I want to know is why is that info sitting on a webserver at all. That type of info belongs on the intranet, not the internet.

And I thought our school district was total crap.
Posted By Kevin, Albuquerque, NM : 11:27 AM  

Hah he probably had a plain text database set up and the html file that read it was password protected, but not the database itself.... so google unknowingly "found" the database. Thats greatness.. Another prime example of retarded admins.
Posted By Devin, DFW, TX : 11:21 PM  

To send a letter to the editor about The Browser, click hereTop of page

Got a news tip? Send it to The Browser