yes, the problem is the kid and NOT the fact that he had access to that data from the study hall computer.

the complete lack of details to the "hack" make me think he just copied it out of a network share.

jackasses.

blogged it, couldn't resist

http://carnal0wnage.blogspot.com/2008/05/school-district-in-pa-hacked-by-15-year.html

Very good blog.  I must say (not to sound rude) that you get what you pay for.  I know that in PA (where I live) that IT pros in the education arena don't get paid too well.  It is a union-like environment, and the pay isn't competetive at all.  This results in less seasoned candidates that apply, and more entry-level people who are hungry, but not necessarily having the ideal skills to handle this job.  My buddy was like a one-man show at the school (PA) where he worked at for 7 years, and only got paid 45k...not too much at all IMO.  He doesn't have a whole lot of IT security knowledge (common sense though as it pertains to this breach), but God bless him, he did his best to stay afloat.  With that said, he left for greener pastures and can concentrate on the Windows/system admin side for more money, and less hassle.

Also, schools do not have much of a budget for IT, and the people who head the school boards, and ultimately the decison makers have little to no clue on what they need to have an up-to-par IT infrastructure.