A few days after the Abitur technical breakdown in North Rhine-Westphalia, the Ministry of Education became aware of another IT weakness in the Ministry’s business area. The central high school is expressly not affected by this weakness, the ministry emphasized on Monday. Since the download disruption last Tuesday, all download processes related to the Abitur have run normally.
The vulnerability was discovered on Thursday on a server of the “Quality and Support Agency – State Institute for Schools NRW” (QUA-LiS NRW), the Ministry of Education reported. Schools would have the opportunity to test the functionality of school hardware and software all year round via a test server. Teachers can access it at any time.
This system made it possible to read 500 user data from another, internal work platform of QUA-LiS NRW – for example user name and e-mail address. This possibility of access was immediately stopped after it became known last Thursday, the ministry said. The users were informed accordingly and asked to change their passwords as a precaution. A spokesman said the information about the vulnerability came from specialists at the Federal Office for Information Security (BSI).
School Minister Dorothee Feller (CDU) ordered that all IT processes of the state institute should now be put to the test. “We’re taking a very close look at everything here. This analysis has absolute priority. There must be clarity here as to how the vulnerability came about,” she said, according to the message.
FDP parliamentary group leader Henning Höne announced: “The series of breakdowns in Prime Minister Hendrik Wüst’s cabinet continues. The fact that the data of 500 teachers at QUA-LiS NRW could be read is another blow to the office and extends the public press ride of School Minister Feller (CDU) through Absurdistan.” The Liberals demand “complete clarification” about how far-reaching the assumed data leak is.
communication