The Washington Post has published a new story that includes an important clarification to their earlier article reporting that someone had hacked into a client’s Bb system. In the new story, the Post makes clear that the unauthorized access was achieved by someone who obtained an instructor’s password, and not due to a security vulnerability in the Blackboard system.
Original post from Thursday, April 15:
For those that might have seen a story this morning suggesting a hack of Bb from a young student, an important clarification. We have worked with the client closely on their internal investigation of the issue which confirmed that the incident was not a result of a security vulnerability in the Blackboard product. Apparently someone found out and then used an instructor’s valid password as a way to gain entry to the system. We’re working with the client to clarify the story as reported. As always, Blackboard takes security very seriously and works closely with its clients to encourage the use of best practices and policies around password use.