State officials in seven states reported that online testing was disrupted by breakdowns. The vendor, Questar, said the system was brought down by a “deliberate attack.”
“One of the nation’s largest online assessment providers, Questar Assessment Inc., experienced a potential cyberattack this week that affected at least seven statewide K-12 assessments across the country — and state officials have more questions than answers as some districts struggle to recover.
“On Tuesday, what officials called a “deliberate attack” affected tests in seven states that Questar is contracted with, including South Dakota, Mississippi, New York, Missouri and Tennessee. Two other states were not as “negatively affected,” said Questar COO Brad Baumgartner, who testified in front of Tennessee lawmakers on Wednesday in a special hearing dedicated to the testing woes.
“It appears Questar’s data center may have experienced a deliberate attack this morning based on the way traffic is presenting itself,” Tennessee Education Commissioner Candice McQueen said in an email announcing the incident Tuesday.”
Every electronic system is vulnerable to hacking. Even the nation’s highest security agency, the National Security Agency, has been hacked and vital secrets stolen.
It is reasonable to assume that ETS, the College Board, ACT, Pearson, and other testing organizations are not as secure as the Pentagon or the NSA. It is reasonable to assume that clever hackers will disrupt state assessment systems in the future, stealing test questions and disrupting testing.
Oh, don’t worry. They’re just using 50 million public school children and their teachers to test their new online platforms.
A couple more years and the bugs will be worked out of these products, thanks to thousands of wasted hours by unpaid students.
They don’t value their time or work AT ALL. The assumption is it’s a donation to the testing vendors. They kids add the value and the vendors pocket the gains.
Why would anyone want to steal the stupid test questions? I thank whoever decided to “disrupt” this testing madness and I hope they continue on with Pearson, NWEA, SBAC etc…. These companies need to be exposed for the frauds that they are. Thank you, good hackers of the dark net!!
an interesting result if the tight focus on math/coding/computers allows kids the skills to figure out how to expose the fraud
Parents in Ohio were told last year that the reason we went to online testing was so results would be available within some time frame where they might be useful to someone.
Except that didn’t happen. The results were available the same time as the old testing.
Anyone know if that was just a lie? Is it even true that this is somehow “faster”?
I really, really wish state lawmakers would start doing their jobs and stop taking orders from ed reform lobbyists. Why are we paying these people? If I wanted to elect an ed reform lobbyist I would do that. They HARM public schools. It would be bad enough if they just neglected public schools but they actively harm kids in public schools.
Stop. Stop taking their advice, stop hiring them as consultants, stop listening to them. They add no value.
In New York, which also uses Questar, the results of online testing are not available until September. This is very odd. Why aren’t the results from an electronic test available in a week or two weeks, when the teachers could learn from it and see how to help their students?
I think they are waiting for all tests, paper and online, so they can decide what % they want to pass this year and then use that information to set the cut score.
“The results were available the same time as the old testing.”
Gotta have time for those psychometric (or is it psychedelic) fudgings to work their magic.
Or psychometics (psychometric + psychotic).
Or just plain psycho.
“A deliberate attack”
Translation: “All those millions of damned test taking students trying deliberately to access our system simultaneously! The audacity! The unmitigated gall!
Forgot “the impudence!”
Exatly, Poet. I bet nobody tried to break into their system; they just made it up. Even hackers have standards what they are willing to hack. There is absolutely no reason to hack into a testing company’s system: it’s screwed up as it is.
Why are we not reading about this major event in the Times or the Post?
I’m seriously doubting this was a hack. That claim is more likely the testing companies’ CYA because they – yet again – weren’t prepared for hundreds of thousands of people logging on simultaneously.
In the event I’m wrong, however, thank you to whoever hacked them
I am also skeptical that it was a hack.
I’d have to see the evidence to be convinced.
It’s hardly incidental that a testing company like Questar could stand to lose tens (if not hundreds) of millions of dollars in testing contracts if states cone to believe they were responsible for what just happened.
So they have a huge vested interested to claim it was a “hack” to absolve themselves of responsibility.
The more plausible scenario is the one you described: their system (software and/or hardware) could simply not handle all those students trying to access it simultaneously as part of the testing.
And state officials also have an obvious interest in calling it a “hack” to absolve themselves from their own responsibility.
Somewhat relevant:
https://edscoop.com/edtech-and-industry-leaders-say-theyre-stuck-if-they-cant-learn-to-scale
The last 2 paragraphs say it all. Data collection and disruption of public education. Pearson should be sued for it’s data collection…especially what has come to light this week with their embedded psychological assessments of college students using an online learning platform mandated by the college.
Thanks for the link howardat58
“deliberate attacks”
Must be the Ruskies, eh!
Putin himself undoubtedly ordered it.
“Hmm, let’s see, how can we bring those Americans to their knees?
Ah, yes. Hack the standardized tests! Without those, the whole American EDifice will collapse like the Soviet Union did!”
“It is reasonable to assume that clever hackers will disrupt state assessment systems in the future, stealing test questions and disrupting testing.”
Pretty sad day in America when we will have to rely on hackers to bring such malpractices down.
If I had a message for all hackers it would be: Please focus on these tests and those that produce and make so much money off the back of the students.
Dark net hackers are the 21st century superheroes.
Yeah, as long as they don’t steal your passwords and credit cards
I believe there are some really good people having to do some awful and unlawful things because our government and representatives don’t care to listen to the people who put them in charge. If this was truly a hack, I’d suspect some very computer savvy parents behind it. I know that if I had the knowledge and means….I’d do the same for the benefit of children. I’m tired of waiting for the reversal and I’m sure other parents are tired of waiting as well. I don’t think there is a desire for passwords and credit card info in this case.
The ironic part is that by yelling “hack” every time there is a problem with test administration, state officials are unwittingly undermining public faith in the integrity of the system.
If it happens enough, parents, teachers and others will reach a point where they simply do not trust the integrity of the results (if they have not already reached that point), not because they don’t think the test is valid, but because they don’t trust that the scores for the students have not been changed.
At that point, even “clean” administrations of the test will not be trusted.
So these state officials are unwittingly planting the seeds of the test’s demise with their claims of “hack” before there has been a proper investigation by an unbiased outside organization that has no vested interest in whether it was a hack or not (and Questar is clearly not an unbiased, unvested organization)
Either way Questar looks incompetent, it’s either poor implementation or poor security– & [yay] reflects poorly on whatever state ed commish pushed the district into all this online testing. If I still had kids in school, I’d be demanding an immediate end to any personally-identifiable info on my kids being shared online for any reason. Let’s go back– back– back to the days of teacher-designed tests graded in-house! No more data-collection for Uncle Sam.
Bethree, agree. Teacher made tests are far superior to standardized testing, no matter which vendor.
Date collection for Uncle Sam or for corporations that make a profit by selling that info to other corporations?
After all, the courts have already ruled that it is illegal for the government to collect bulk data on citizens, but there have not been any court cases that ruled against corporations from gathering and profiting from collecting data on all of us.
“N.S.A. Collection of Bulk Call Data Is Ruled Illegal”
WASHINGTON — A federal appeals court in New York ruled on Thursday that the once-secret National Security Agency program that is systematically collecting Americans’ phone records in bulk is illegal. The decision comes as a fight in Congress is intensifying over whether to end and replace the program, or to extend it without changes.
In a 97-page ruling, a three-judge panel for the United States Court of Appeals for the Second Circuit held that a provision of the U.S.A. Patriot Act, known as Section 215, cannot be legitimately interpreted to allow the bulk collection of domestic calling records.
Except for maybe one stdzd test every 3 yrs, providing anonymous data to the bean-counters.
Bunch of districts in Ohio are buying into this online platform; https://www.modernteacher.com/
Main page lists all of the current buzzwords. This should go well.
Also going to bring up FIP(battelle corp) again, since that last time a conversation on student data mining in Ohio got brought up, the whole post and thread disappeared.
What will schools’ responses be when these platforms get hacked, go down, or as we have seen in places like Maine, just don’t work?
If you read the article carefully, it was the Tennessee Ed Commissioner not Questar that blamed a cyberattack. The Questar COO Brad Baumgartner was quoted this way: “In an email sent to the Democrat & Chronicle, Baumgartner said Tuesday’s delay presented “a data pattern presented itself that was not consistent with anything we have experienced prior,” but did not call it a cyberattack.
Um… too many concurrent sessions? Pro tip: switch to AWS if you cannot handle the load in-house.
Every electronic system (linked to the internet) is vulnerable to hacking (24/7/365).
And that is the main reason why voting, testing, and student work should not be online.
Use the internet for research or reading but do all work on paper. Do all voting on paper too.
All testing should be teacher generated for teacher use and on paper to avoid this risk and to avoid letting greedy, child predator Facebook (and other sites) to sell all info they collect on everyone including children.
Hear, hear.