Hackers access alumni college application records

President+and+Head+of+School+Rick+Commons+describes+the+extent+of+the+security+breach+in+an+email+addressed+to+parents+and+alumni.+Current+students+were+not+affected%2C+as+the+school+stopped+using+Naviance%2C+the+platform+that+was+hacked%2C+in+2020.

Sandra Koretz/Chronicle

President and Head of School Rick Commons describes the extent of the security breach in an email addressed to parents and alumni. Current students were not affected, as the school stopped using Naviance, the platform that was hacked, in 2020.

Lily Lee

In a breach of electronic security, unidentified hackers accessed the school’s former online college counseling platform, Naviance. Current parents alerted the school after receiving emails disguised to look as if they had been sent by the Head of School, containing confidential information including alumni’s SAT scores and letters of recommendation.

Naviance is an educational software company used by high schools and their students to store information related to the college admissions process. Naviance was used by the school from 2012 until 2020 and is used by many other private schools and the Los Angeles Unified School District.

According to the school’s 2019-2020 College Counseling Handbook, Upper School students stored private information, including college wishlists, test scores and letters of recommendation to Naviance. Head of Upper School Rick Commons sent an email to alumni and their parents explaining the current situation and the school’s plans to identify the hackers.

“A malicious actor gained access to the Naviance platform,” Commons said. “We have engaged the leadership team of Naviance and have their commitment to conduct an immediate and exhaustive investigation to identify the source of the breach.”

In the email, Commons said the school understands the importance of protecting the privacy of student information, that the school’s own computer system was not hacked and said the school values privacy and confidentiality.

“The school is outraged by this violation of student privacy,” Commons said. “We will pursue all remedies available to us to protect this student information.”

These measures include working with law enforcement, Naviance, the Board of Trustees and a private firm that will conduct a forensic investigation to identify the source of the breach.

Alumnus Ryan Wixen ’19, currently attending Stanford University, said he remembered using Naviance during his college process.

“It was surprising that someone would want to target Harvard-Westlake and I wondered why they might want to do that,” Wixen said. “I was definitely concerned for anyone whose information might have been compromised.”

In 2019, Naviance was breached in Maryland and Pennsylvania when student hackers accessed the online data, according to The Washington Post.

Commons said in an email to the Chronicle that more information will be shared with the community as the investigation continues.

Paris Little ’22 said the school now uses two college support programs: Scoir and College Kickstart. Little said she is hoping that the school is taking greater precautions after the security breach.

“I am hoping that this is something that won’t happen again,” Little said. “We put our trust in the school, and hopefully they will have some things in place so that it isn’t something that can happen again.”

Commons said anyone with questions can email [email protected]