When I was hired to teach math at Patrick Henry High School I had no idea what was going to happen. Being a math teacher, I was somehow enlisted to be part of the CERT at Patrick Henry. You see, CERT stands for Computer Emergency Response Team and as a member of the team I have certain responsibilities once a "computer emergency" occurs. While I don't want to dwell on defining what constitutes a "computer emergency", I will explain the current situation in which I find myself involved. A teacher at our school, who will remain anonymous, pending the CERT investigation, contracted a virus on his computer. As a classified employee, the teacher has access to files that contain students' personal information, including their full names, home addresses, parents' names and addresses, as well as students' grades for courses taken at the high school level and other personal data. information. Unfortunately, some of these confidential files were shared via a file sharing server and ended up in the hands of a Las Vegas Sun reporter. The Sun reporter later wrote a report on the breach and accused the school of inflating grades to increase student scores, ending up in our local newspaper. Patrick Henry CERT was asked to determine the scope of the breach, investigate whether sanctions apply, and provide recommendations to avoid this in the future. Currently, these files are stored in a secure database at district headquarters, but may be and are accessible from computers located in schools throughout the district. To access the files you need a computer with adequate capabilities, a typical desktop or laptop with Internet access is “adequately...... half of paper ......and ftp . There was no intention to harm either the school or the students. The news of the "increase in votes" does not seem valid and the evidence provided by the journalist in this regard appears very weak. A brief look at the grades of other students in the teacher's classes in previous semesters provides no evidence to support the reporter's claims. There is a statistical analysis coming that I believe will demonstrate this as well. Recommendations:1. Include in regular scans usage and monitoring of your network and FTP sites.2. Prohibit the use of FTP sites in the district network to prevent the transfer of confidential data.3. Educate our teachers and staff about FTP and other file sharing sites, their uses and potential dangers.4. Add this particular protocol (ban on ftp and other file sharing sites) to the document that our staff signs when obtaining your network user ID and passwords.