Charles County Public Schools is investigating a case of fraudulent activity involving employee email and payroll accounts after an unauthorized individual gained access to two employee accounts. The attempted fraud was detected before any funds were transferred, and CCPS officials are working with state and internal security teams to assess the impact.
On February 25, staff from the offices of School Safety and Security and Technology identified suspicious activity involving employee Oracle and email accounts. A caller contacted the technology help desk at the Jesse L. Starkey Administration Building, posed as an employee, correctly answered identity verification questions, and requested a reset of their multi-factor authentication password.
The unauthorized access allowed the caller to log into an employee’s Oracle account and change direct deposit banking details. However, the fraudulent transaction was flagged before any money was transferred, and the account was suspended to prevent further activity.
As of 6:15 p.m., CCPS has found no evidence that its student information system, Synergy, was affected. Officials also have not identified additional employees impacted by the scheme.
Staff from the offices of School Safety and Security, Technology, Budget and Finance, and Payroll are conducting a full investigation to determine if other employees were targeted. The incident has been reported to the Office of Security Management at the Maryland Department of Information Technology, and external partners are assisting in the review.
CCPS has advised all employees to check their Oracle accounts for any unauthorized changes. The investigation remains ongoing.
