On Tuesday, February 25, 2025, the Charles County Public Schools (CCPS) offices of School Safety and Security and Technology discovered fraudulent activity related to two employee email and Oracle accounts.
The report is still under investigation, but the employees impacted are aware of the activity.
Note: A version of this update was emailed to all employees of Charles County Public Schools (CCPS) earlier yesterday.
A person reportedly called the technology help desk at the Jesse L. Starkey Administration Building, identified themselves as an employee, answered identity verification questions and asked for support in changing their multi-factor authentication (MFA) password information.
The report was investigated, and it was determined that the caller gained access to the employee’s Oracle account and changed their direct deposit banking information. The activity was caught prior to the unauthorized transaction of any funds, and the account information was suspended to avoid any additional issues.
As of 6:15 p.m., 2/25/2025, CCPS has not identified any impacts to its student information system, Synergy, or any additional employees impacted by this fraudulent activity.
Staff from the offices of School Safety and Security, Technology, Budget and Finance, and Payroll are working to investigate if any other employees were impacted.
This incident was also reported to the Office of Security Management, Maryland Department of Information Technology. A comprehensive investigation is underway including internal and external partners.
CCPS staff were asked to check Oracle accounts for any unauthorized changes.
