HALTOM CITY -- Two students from Birdville schools hacked into a school district network server and downloaded a file with 14,500 student names and Social Security numbers, officials said.
Haltom City police are investigating the security breach, and the students could face criminal charges, depending on the findings of that investigation, police officials have said.
In a letter mailed Thursday, Birdville Superintendent Darrell G. Brown notified families of all students whose information was in the file. In the letter, Brown outlined steps families can take to protect against identity theft, such as checking their student's credit report for unauthorized use and having credit bureaus add a fraud alert.
"I am deeply sorry this incident occurred and the district takes full responsibility for the error," Brown wrote.
The breach was discovered Tuesday, after a staff member overheard the two students talking about it and notified campus officials, district spokesman Mark Thomas said.
The breach involved a network server that was no longer in use and was being taken down. The student records file, from 2008-09, has been removed, and the server is not operational now, Thomas said.
District officials believe that the file was not used by the two students, a junior and a senior, Thomas said.
"Everything I've seen does not give the indication that they were specifically seeking anything. They came across these files and when they did, they downloaded them," Thomas said. "They did it from outside of the district. As far as how they did it, we have some idea, but we want to allow the Police Department to complete their investigation before we discuss those matters."
In addition to possible criminal charges, the students face discipline from the district for violating its policy for acceptable use of its electronic communications systems, which is part of the secondary student handbook. Punishments range from in-school suspension to expulsion, Thomas said.
Thomas said the district is seeking ways to increase computer security, including adding measures to restrict access to parts of the network.
Jessamy Brown, 817-390-7326